diff options
| author | Hubert Chathi <hubert@uhoreg.ca> | 2018-10-17 15:50:36 -0400 |
|---|---|---|
| committer | Hubert Chathi <hubert@uhoreg.ca> | 2018-10-19 12:10:11 -0400 |
| commit | 1c7ff7f48d121ea1108eec2247a34aaec2906e61 (patch) | |
| tree | ac222c71797e73e21af4544a5948d1f443a15e81 /android/olm-sdk/src/main/jni | |
| parent | c4c3055f838092aa5503253363faa55b44d7c0a5 (diff) | |
more and improved buffer sanitising for Android bindings
Diffstat (limited to 'android/olm-sdk/src/main/jni')
| -rw-r--r-- | android/olm-sdk/src/main/jni/olm_account.cpp | 14 | ||||
| -rw-r--r-- | android/olm-sdk/src/main/jni/olm_inbound_group_session.cpp | 18 | ||||
| -rw-r--r-- | android/olm-sdk/src/main/jni/olm_outbound_group_session.cpp | 12 | ||||
| -rw-r--r-- | android/olm-sdk/src/main/jni/olm_session.cpp | 12 | ||||
| -rw-r--r-- | android/olm-sdk/src/main/jni/olm_utility.cpp | 14 |
5 files changed, 57 insertions, 13 deletions
diff --git a/android/olm-sdk/src/main/jni/olm_account.cpp b/android/olm-sdk/src/main/jni/olm_account.cpp index 40081ac..00b1460 100644 --- a/android/olm-sdk/src/main/jni/olm_account.cpp +++ b/android/olm-sdk/src/main/jni/olm_account.cpp @@ -528,6 +528,7 @@ JNIEXPORT jbyteArray OLM_ACCOUNT_FUNC_DEF(serializeJni)(JNIEnv *env, jobject thi const char* errorMessage = NULL; jbyteArray pickledDataRetValue = 0; jbyte* keyPtr = NULL; + jboolean keyIsCopied = JNI_FALSE; OlmAccount* accountPtr = NULL; LOGD("## serializeJni(): IN"); @@ -542,7 +543,7 @@ JNIEXPORT jbyteArray OLM_ACCOUNT_FUNC_DEF(serializeJni)(JNIEnv *env, jobject thi LOGE(" ## serializeJni(): failure - invalid account ptr"); errorMessage = "invalid account ptr"; } - else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, NULL))) + else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, &keyIsCopied))) { LOGE(" ## serializeJni(): failure - keyPtr JNI allocation OOM"); errorMessage = "keyPtr JNI allocation OOM"; @@ -586,6 +587,9 @@ JNIEXPORT jbyteArray OLM_ACCOUNT_FUNC_DEF(serializeJni)(JNIEnv *env, jobject thi // free alloc if (keyPtr) { + if (keyIsCopied) { + memset(keyPtr, 0, (size_t)env->GetArrayLength(aKeyBuffer)); + } env->ReleaseByteArrayElements(aKeyBuffer, keyPtr, JNI_ABORT); } @@ -610,6 +614,7 @@ JNIEXPORT jlong OLM_ACCOUNT_FUNC_DEF(deserializeJni)(JNIEnv *env, jobject thiz, OlmAccount* accountPtr = NULL; jbyte* keyPtr = NULL; + jboolean keyIsCopied = JNI_FALSE; jbyte* pickledPtr = NULL; LOGD("## deserializeJni(): IN"); @@ -629,7 +634,7 @@ JNIEXPORT jlong OLM_ACCOUNT_FUNC_DEF(deserializeJni)(JNIEnv *env, jobject thiz, LOGE(" ## deserializeJni(): failure - account failure OOM"); errorMessage = "account failure OOM"; } - else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, 0))) + else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, &keyIsCopied))) { LOGE(" ## deserializeJni(): failure - keyPtr JNI allocation OOM"); errorMessage = "keyPtr JNI allocation OOM"; @@ -665,6 +670,9 @@ JNIEXPORT jlong OLM_ACCOUNT_FUNC_DEF(deserializeJni)(JNIEnv *env, jobject thiz, // free alloc if (keyPtr) { + if (keyIsCopied) { + memset(keyPtr, 0, (size_t)env->GetArrayLength(aKeyBuffer)); + } env->ReleaseByteArrayElements(aKeyBuffer, keyPtr, JNI_ABORT); } @@ -684,4 +692,4 @@ JNIEXPORT jlong OLM_ACCOUNT_FUNC_DEF(deserializeJni)(JNIEnv *env, jobject thiz, } return (jlong)(intptr_t)accountPtr; -}
\ No newline at end of file +} diff --git a/android/olm-sdk/src/main/jni/olm_inbound_group_session.cpp b/android/olm-sdk/src/main/jni/olm_inbound_group_session.cpp index 114b7cd..ae9ecf1 100644 --- a/android/olm-sdk/src/main/jni/olm_inbound_group_session.cpp +++ b/android/olm-sdk/src/main/jni/olm_inbound_group_session.cpp @@ -62,6 +62,7 @@ JNIEXPORT jlong OLM_INBOUND_GROUP_SESSION_FUNC_DEF(createNewSessionJni)(JNIEnv * const char* errorMessage = NULL; OlmInboundGroupSession* sessionPtr = NULL; jbyte* sessionKeyPtr = NULL; + jboolean sessionWasCopied = JNI_FALSE; size_t sessionSize = olm_inbound_group_session_size(); LOGD("## createNewSessionJni(): inbound group session IN"); @@ -81,7 +82,7 @@ JNIEXPORT jlong OLM_INBOUND_GROUP_SESSION_FUNC_DEF(createNewSessionJni)(JNIEnv * LOGE(" ## createNewSessionJni(): failure - invalid aSessionKey"); errorMessage = "invalid aSessionKey"; } - else if (!(sessionKeyPtr = env->GetByteArrayElements(aSessionKeyBuffer, 0))) + else if (!(sessionKeyPtr = env->GetByteArrayElements(aSessionKeyBuffer, &sessionWasCopied))) { LOGE(" ## createNewSessionJni(): failure - session key JNI allocation OOM"); errorMessage = "Session key JNI allocation OOM"; @@ -119,6 +120,9 @@ JNIEXPORT jlong OLM_INBOUND_GROUP_SESSION_FUNC_DEF(createNewSessionJni)(JNIEnv * if (sessionKeyPtr) { + if (sessionWasCopied) { + memset(sessionKeyPtr, 0, (size_t)env->GetArrayLength(aSessionKeyBuffer)); + } env->ReleaseByteArrayElements(aSessionKeyBuffer, sessionKeyPtr, JNI_ABORT); } @@ -474,6 +478,7 @@ JNIEXPORT jbyteArray OLM_INBOUND_GROUP_SESSION_FUNC_DEF(serializeJni)(JNIEnv *en jbyteArray pickledDataRet = 0; jbyte* keyPtr = NULL; + jboolean keyWasCopied = JNI_FALSE; OlmInboundGroupSession* sessionPtr = getInboundGroupSessionInstanceId(env, thiz); LOGD("## inbound group session serializeJni(): IN"); @@ -488,7 +493,7 @@ JNIEXPORT jbyteArray OLM_INBOUND_GROUP_SESSION_FUNC_DEF(serializeJni)(JNIEnv *en LOGE(" ## serializeJni(): failure - invalid key"); errorMessage = "invalid key"; } - else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, 0))) + else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, &keyWasCopied))) { LOGE(" ## serializeJni(): failure - keyPtr JNI allocation OOM"); errorMessage = "keyPtr JNI allocation OOM"; @@ -533,6 +538,9 @@ JNIEXPORT jbyteArray OLM_INBOUND_GROUP_SESSION_FUNC_DEF(serializeJni)(JNIEnv *en // free alloc if (keyPtr) { + if (keyWasCopied) { + memset(keyPtr, 0, (size_t)env->GetArrayLength(aKeyBuffer)); + } env->ReleaseByteArrayElements(aKeyBuffer, keyPtr, JNI_ABORT); } @@ -558,6 +566,7 @@ JNIEXPORT jlong OLM_INBOUND_GROUP_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, OlmInboundGroupSession* sessionPtr = NULL; size_t sessionSize = olm_inbound_group_session_size(); jbyte* keyPtr = NULL; + jboolean keyWasCopied = JNI_FALSE; jbyte* pickledPtr = NULL; LOGD("## deserializeJni(): IN"); @@ -582,7 +591,7 @@ JNIEXPORT jlong OLM_INBOUND_GROUP_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, LOGE(" ## deserializeJni(): failure - serialized data"); errorMessage = "serialized data"; } - else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, 0))) + else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, &keyWasCopied))) { LOGE(" ## deserializeJni(): failure - keyPtr JNI allocation OOM"); errorMessage = "keyPtr JNI allocation OOM"; @@ -620,6 +629,9 @@ JNIEXPORT jlong OLM_INBOUND_GROUP_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, // free alloc if (keyPtr) { + if (keyWasCopied) { + memset(keyPtr, 0, (size_t)env->GetArrayLength(aKeyBuffer)); + } env->ReleaseByteArrayElements(aKeyBuffer, keyPtr, JNI_ABORT); } diff --git a/android/olm-sdk/src/main/jni/olm_outbound_group_session.cpp b/android/olm-sdk/src/main/jni/olm_outbound_group_session.cpp index b11c474..a22122a 100644 --- a/android/olm-sdk/src/main/jni/olm_outbound_group_session.cpp +++ b/android/olm-sdk/src/main/jni/olm_outbound_group_session.cpp @@ -387,6 +387,7 @@ JNIEXPORT jbyteArray OLM_OUTBOUND_GROUP_SESSION_FUNC_DEF(serializeJni)(JNIEnv *e jbyteArray returnValue = 0; jbyte* keyPtr = NULL; + jboolean keyWasCopied = JNI_FALSE; OlmOutboundGroupSession* sessionPtr = NULL; LOGD("## outbound group session serializeJni(): IN"); @@ -401,7 +402,7 @@ JNIEXPORT jbyteArray OLM_OUTBOUND_GROUP_SESSION_FUNC_DEF(serializeJni)(JNIEnv *e LOGE(" ## serializeJni(): failure - invalid key"); errorMessage = "invalid key"; } - else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, 0))) + else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, &keyWasCopied))) { LOGE(" ## serializeJni(): failure - keyPtr JNI allocation OOM"); errorMessage = "keyPtr JNI allocation OOM"; @@ -446,6 +447,9 @@ JNIEXPORT jbyteArray OLM_OUTBOUND_GROUP_SESSION_FUNC_DEF(serializeJni)(JNIEnv *e // free alloc if (keyPtr) { + if (keyWasCopied) { + memset(keyPtr, 0, (size_t)env->GetArrayLength(aKeyBuffer)); + } env->ReleaseByteArrayElements(aKeyBuffer, keyPtr, JNI_ABORT); } @@ -471,6 +475,7 @@ JNIEXPORT jlong OLM_OUTBOUND_GROUP_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, OlmOutboundGroupSession* sessionPtr = NULL; jbyte* keyPtr = NULL; + jboolean keyWasCopied = JNI_FALSE; jbyte* pickledPtr = NULL; LOGD("## deserializeJni(): IN"); @@ -495,7 +500,7 @@ JNIEXPORT jlong OLM_OUTBOUND_GROUP_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, LOGE(" ## deserializeJni(): failure - serialized data"); errorMessage = "invalid serialized data"; } - else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, 0))) + else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, &keyWasCopied))) { LOGE(" ## deserializeJni(): failure - keyPtr JNI allocation OOM"); errorMessage = "keyPtr JNI allocation OOM"; @@ -532,6 +537,9 @@ JNIEXPORT jlong OLM_OUTBOUND_GROUP_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, // free alloc if (keyPtr) { + if (keyWasCopied) { + memset(keyPtr, 0, (size_t)env->GetArrayLength(aKeyBuffer)); + } env->ReleaseByteArrayElements(aKeyBuffer, keyPtr, JNI_ABORT); } diff --git a/android/olm-sdk/src/main/jni/olm_session.cpp b/android/olm-sdk/src/main/jni/olm_session.cpp index b9db286..15ad4fe 100644 --- a/android/olm-sdk/src/main/jni/olm_session.cpp +++ b/android/olm-sdk/src/main/jni/olm_session.cpp @@ -810,6 +810,7 @@ JNIEXPORT jbyteArray OLM_SESSION_FUNC_DEF(serializeJni)(JNIEnv *env, jobject thi jbyteArray returnValue = 0; jbyte* keyPtr = NULL; + jboolean keyWasCopied = JNI_FALSE; OlmSession* sessionPtr = getSessionInstanceId(env, thiz); LOGD("## serializeJni(): IN"); @@ -824,7 +825,7 @@ JNIEXPORT jbyteArray OLM_SESSION_FUNC_DEF(serializeJni)(JNIEnv *env, jobject thi LOGE(" ## serializeJni(): failure - invalid key"); errorMessage = "invalid key"; } - else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, 0))) + else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, &keyWasCopied))) { LOGE(" ## serializeJni(): failure - keyPtr JNI allocation OOM"); errorMessage = "ikeyPtr JNI allocation OOM"; @@ -869,6 +870,9 @@ JNIEXPORT jbyteArray OLM_SESSION_FUNC_DEF(serializeJni)(JNIEnv *env, jobject thi // free alloc if (keyPtr) { + if (keyWasCopied) { + memset(keyPtr, 0, (size_t)env->GetArrayLength(aKeyBuffer)); + } env->ReleaseByteArrayElements(aKeyBuffer, keyPtr, JNI_ABORT); } @@ -892,6 +896,7 @@ JNIEXPORT jlong OLM_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, jobject thiz, const char* errorMessage = NULL; OlmSession* sessionPtr = initializeSessionMemory(); jbyte* keyPtr = NULL; + jboolean keyWasCopied = JNI_FALSE; jbyte* pickledPtr = NULL; LOGD("## deserializeJni(): IN"); @@ -911,7 +916,7 @@ JNIEXPORT jlong OLM_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, jobject thiz, LOGE(" ## deserializeJni(): failure - serialized data"); errorMessage = "serialized data"; } - else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, 0))) + else if (!(keyPtr = env->GetByteArrayElements(aKeyBuffer, &keyWasCopied))) { LOGE(" ## deserializeJni(): failure - keyPtr JNI allocation OOM"); errorMessage = "keyPtr JNI allocation OOM"; @@ -947,6 +952,9 @@ JNIEXPORT jlong OLM_SESSION_FUNC_DEF(deserializeJni)(JNIEnv *env, jobject thiz, // free alloc if (keyPtr) { + if (keyWasCopied) { + memset(keyPtr, 0, (size_t)env->GetArrayLength(aKeyBuffer)); + } env->ReleaseByteArrayElements(aKeyBuffer, keyPtr, JNI_ABORT); } diff --git a/android/olm-sdk/src/main/jni/olm_utility.cpp b/android/olm-sdk/src/main/jni/olm_utility.cpp index f6fe719..da27eda 100644 --- a/android/olm-sdk/src/main/jni/olm_utility.cpp +++ b/android/olm-sdk/src/main/jni/olm_utility.cpp @@ -90,6 +90,7 @@ JNIEXPORT jstring OLM_UTILITY_FUNC_DEF(verifyEd25519SignatureJni)(JNIEnv *env, j jbyte* signaturePtr = NULL; jbyte* keyPtr = NULL; jbyte* messagePtr = NULL; + jboolean messageWasCopied = JNI_FALSE; LOGD("## verifyEd25519SignatureJni(): IN"); @@ -109,7 +110,7 @@ JNIEXPORT jstring OLM_UTILITY_FUNC_DEF(verifyEd25519SignatureJni)(JNIEnv *env, j { LOGE(" ## verifyEd25519SignatureJni(): failure - key JNI allocation OOM"); } - else if (!(messagePtr = env->GetByteArrayElements(aMessageBuffer, 0))) + else if (!(messagePtr = env->GetByteArrayElements(aMessageBuffer, &messageWasCopied))) { LOGE(" ## verifyEd25519SignatureJni(): failure - message JNI allocation OOM"); } @@ -152,6 +153,9 @@ JNIEXPORT jstring OLM_UTILITY_FUNC_DEF(verifyEd25519SignatureJni)(JNIEnv *env, j if (messagePtr) { + if (messageWasCopied) { + memset(messagePtr, 0, (size_t)env->GetArrayLength(aMessageBuffer)); + } env->ReleaseByteArrayElements(aMessageBuffer, messagePtr, JNI_ABORT); } @@ -171,6 +175,7 @@ JNIEXPORT jbyteArray OLM_UTILITY_FUNC_DEF(sha256Jni)(JNIEnv *env, jobject thiz, OlmUtility* utilityPtr = getUtilityInstanceId(env, thiz); jbyte* messagePtr = NULL; + jboolean messageWasCopied = JNI_FALSE; LOGD("## sha256Jni(): IN"); @@ -182,7 +187,7 @@ JNIEXPORT jbyteArray OLM_UTILITY_FUNC_DEF(sha256Jni)(JNIEnv *env, jobject thiz, { LOGE(" ## sha256Jni(): failure - invalid message parameters "); } - else if(!(messagePtr = env->GetByteArrayElements(aMessageToHashBuffer, 0))) + else if(!(messagePtr = env->GetByteArrayElements(aMessageToHashBuffer, &messageWasCopied))) { LOGE(" ## sha256Jni(): failure - message JNI allocation OOM"); } @@ -221,8 +226,11 @@ JNIEXPORT jbyteArray OLM_UTILITY_FUNC_DEF(sha256Jni)(JNIEnv *env, jobject thiz, if (messagePtr) { + if (messageWasCopied) { + memset(messagePtr, 0, (size_t)env->GetArrayLength(aMessageToHashBuffer)); + } env->ReleaseByteArrayElements(aMessageToHashBuffer, messagePtr, JNI_ABORT); } return sha256Ret; -}
\ No newline at end of file +} |