From 05920c5c5ffcedc435eeee29f6357c6b4fdc9c4f Mon Sep 17 00:00:00 2001 From: dec05eba <0xdec05eba@gmail.com> Date: Wed, 16 May 2018 11:00:10 +0200 Subject: Fix memory leak (mismatch free/delete/delete[]), fix invalid memory access --- src/Database.cpp | 50 ++++++++++++++++++++++++++------------------------ 1 file changed, 26 insertions(+), 24 deletions(-) (limited to 'src/Database.cpp') diff --git a/src/Database.cpp b/src/Database.cpp index df11b3c..b4d0e12 100644 --- a/src/Database.cpp +++ b/src/Database.cpp @@ -41,26 +41,26 @@ namespace odhtdb RequestQuarantineException() : runtime_error("Request quarantine, will be processed later (can be real of fake request)") {} }; - OwnedMemory combine(sibs::SafeSerializer &headerSerializer, const Encryption &encryptedData) + OwnedByteArray combine(sibs::SafeSerializer &headerSerializer, const Encryption &encryptedData) { usize allocationSize = headerSerializer.getBuffer().size() + encryptedData.getNonce().size + encryptedData.getCipherText().size; - char *result = new char[allocationSize]; + u8 *result = new u8[allocationSize]; memcpy(result, headerSerializer.getBuffer().data(), headerSerializer.getBuffer().size()); memcpy(result + headerSerializer.getBuffer().size(), encryptedData.getNonce().data, encryptedData.getNonce().size); memcpy(result + headerSerializer.getBuffer().size() + encryptedData.getNonce().size, encryptedData.getCipherText().data, encryptedData.getCipherText().size); - return OwnedMemory(result, allocationSize); + return OwnedByteArray(result, allocationSize); } - OwnedMemory combine(const Signature::PublicKey &publicKey, const string &signedEncryptedData) + OwnedByteArray combine(const Signature::PublicKey &publicKey, const string &signedEncryptedData) { usize allocationSize = publicKey.getSize() + signedEncryptedData.size(); - char *result = new char[allocationSize]; + u8 *result = new u8[allocationSize]; memcpy(result, publicKey.getData(), publicKey.getSize()); memcpy(result + publicKey.getSize(), signedEncryptedData.data(), signedEncryptedData.size()); - return OwnedMemory(result, allocationSize); + return OwnedByteArray(result, allocationSize); } - DatabaseCreateResponse::DatabaseCreateResponse(std::shared_ptr _nodeAdminKeyPair, std::shared_ptr _nodeAdminGroupId, shared_ptr _key, shared_ptr _hash) : + DatabaseCreateResponse::DatabaseCreateResponse(std::shared_ptr _nodeAdminKeyPair, std::shared_ptr _nodeAdminGroupId, shared_ptr _key, shared_ptr _hash) : nodeAdminKeyPair(_nodeAdminKeyPair), nodeAdminGroupId(_nodeAdminGroupId), key(_key), @@ -74,12 +74,12 @@ namespace odhtdb return nodeAdminKeyPair; } - const shared_ptr DatabaseCreateResponse::getNodeAdminGroupId() const + const shared_ptr DatabaseCreateResponse::getNodeAdminGroupId() const { return nodeAdminGroupId; } - const shared_ptr DatabaseCreateResponse::getNodeEncryptionKey() const + const shared_ptr DatabaseCreateResponse::getNodeEncryptionKey() const { return key; } @@ -336,25 +336,27 @@ namespace odhtdb bool iHaveCreateNode = databaseStorage.doesNodeExist(*nodeToSeed.getRequestHash()); serializer.add(iHaveCreateNode ? (u8)0 : (u8)1); serializer.add(fetchOrder); - DataViewMap userLatestActionCounter; + Signature::MapPublicKey userLatestActionCounter; - databaseStorage.fetchNodeUserActionGaps(*nodeToSeed.getRequestHash(), [&serializer, &userLatestActionCounter](const DataView userPublicKey, u64 actionGapStart, u64 actionGapRange) + databaseStorage.fetchNodeUserActionGaps(*nodeToSeed.getRequestHash(), [&serializer, &userLatestActionCounter](const DataView userPublicKeyRaw, u64 actionGapStart, u64 actionGapRange) { - serializer.add((const u8*)userPublicKey.data, PUBLIC_KEY_NUM_BYTES); + serializer.add((const u8*)userPublicKeyRaw.data, PUBLIC_KEY_NUM_BYTES); serializer.add(actionGapStart); serializer.add(actionGapRange); + Signature::PublicKey userPublicKey((const char*)userPublicKeyRaw.data, userPublicKeyRaw.size); userLatestActionCounter[userPublicKey] = std::max(userLatestActionCounter[userPublicKey], actionGapStart + actionGapRange); }); - databaseStorage.fetchNodeUserLatestActionCounter(*nodeToSeed.getRequestHash(), [&userLatestActionCounter](const DataView userPublicKey, u64 latestActionCounter) + databaseStorage.fetchNodeUserLatestActionCounter(*nodeToSeed.getRequestHash(), [&userLatestActionCounter](const DataView userPublicKeyRaw, u64 latestActionCounter) { + Signature::PublicKey userPublicKey((const char*)userPublicKeyRaw.data, userPublicKeyRaw.size); userLatestActionCounter[userPublicKey] = std::max(userLatestActionCounter[userPublicKey], latestActionCounter); }); for(auto userLatestActionCounterData : userLatestActionCounter) { // Public key - serializer.add((const u8*)userLatestActionCounterData.first.data, PUBLIC_KEY_NUM_BYTES); + serializer.add((const u8*)userLatestActionCounterData.first.getData(), PUBLIC_KEY_NUM_BYTES); // Latest action counter start serializer.add(userLatestActionCounterData.second); // Latest action counter range (infinite range, meaning we want all packets older than start (latest known packet by user)) @@ -407,7 +409,7 @@ namespace odhtdb { unsigned char *encryptionKeyRaw = new unsigned char[ENCRYPTION_KEY_BYTE_SIZE]; Encryption::generateKey(encryptionKeyRaw); - shared_ptr encryptionKey = make_shared(encryptionKeyRaw, ENCRYPTION_KEY_BYTE_SIZE); + shared_ptr encryptionKey = make_shared(encryptionKeyRaw, ENCRYPTION_KEY_BYTE_SIZE); shared_ptr hashRequestKey = make_shared(serializer.getBuffer().data(), serializer.getBuffer().size()); databaseStorage.setNodeDecryptionKey(*hashRequestKey, DataView(encryptionKey->data, encryptionKey->size)); @@ -422,7 +424,7 @@ namespace odhtdb Log::warn("Failed to put: %s, what to do?", "Database::create"); }); - shared_ptr adminGroupIdResponse = make_shared(new u8[GROUP_ID_LENGTH], GROUP_ID_LENGTH); + shared_ptr adminGroupIdResponse = make_shared(new u8[GROUP_ID_LENGTH], GROUP_ID_LENGTH); memcpy(adminGroupIdResponse->data, adminGroupId.data, GROUP_ID_LENGTH); return make_unique(creatorKeyPair, adminGroupIdResponse, encryptionKey, hashRequestKey); } @@ -444,9 +446,9 @@ namespace odhtdb DataView encryptionKey(nodeInfo.getNodeEncryptionKey()->data, ENCRYPTION_KEY_BYTE_SIZE); Encryption encryptedBody(dataToAdd, encryptionKey); - OwnedMemory requestData = combine(serializer, encryptedBody); + OwnedByteArray requestData = combine(serializer, encryptedBody); string signedRequestData = userToPerformActionWith.getPrivateKey().sign(requestData.getView()); - OwnedMemory stagedAddObject = combine(userToPerformActionWith.getPublicKey(), signedRequestData); + OwnedByteArray stagedAddObject = combine(userToPerformActionWith.getPublicKey(), signedRequestData); Hash requestDataHash(stagedAddObject.data, stagedAddObject.size); DataView encryptedDataView((char*)requestData.data + serializer.getBuffer().size(), requestData.size - serializer.getBuffer().size()); databaseStorage.appendStorage(*nodeInfo.getRequestHash(), requestDataHash, DatabaseOperation::ADD_DATA, newActionCounter, userToPerformActionWith.getPublicKey(), timestampCombined, (u8*)stagedAddObject.data, stagedAddObject.size, encryptedDataView); @@ -480,7 +482,7 @@ namespace odhtdb DataView requestData { serializer.getBuffer().data(), serializer.getBuffer().size() }; string signedRequestData = userToPerformActionWith.getPrivateKey().sign(requestData); - OwnedMemory stagedAddObject = combine(userToPerformActionWith.getPublicKey(), signedRequestData); + OwnedByteArray stagedAddObject = combine(userToPerformActionWith.getPublicKey(), signedRequestData); Hash requestDataHash(stagedAddObject.data, stagedAddObject.size); DataView additionalDataView((void*)(static_cast(requestData.data) + additionalDataOffset), requestData.size - additionalDataOffset); databaseStorage.appendStorage(*nodeInfo.getRequestHash(), requestDataHash, DatabaseOperation::ADD_USER, newActionCounter, userToPerformActionWith.getPublicKey(), timestampCombined, (u8*)stagedAddObject.data, stagedAddObject.size, additionalDataView); @@ -511,7 +513,7 @@ namespace odhtdb return timestamp; } - void Database::deserializeCreateRequest(const shared_ptr &value, const Hash &hash, const shared_ptr encryptionKey) + void Database::deserializeCreateRequest(const shared_ptr &value, const Hash &hash, const shared_ptr encryptionKey) { sibs::SafeDeserializer deserializer(value->data.data(), value->data.size()); u16 packetStructureVersion = deserializer.extract(); @@ -551,7 +553,7 @@ namespace odhtdb databaseStorage.createStorage(hash, userPublicKey, DataView(adminGroupId, GROUP_ID_LENGTH), creationDate, value->data.data(), value->data.size()); } - void Database::deserializeAddRequest(const shared_ptr &value, const Hash &requestDataHash, const std::shared_ptr &nodeHash, const shared_ptr encryptionKey) + void Database::deserializeAddRequest(const shared_ptr &value, const Hash &requestDataHash, const std::shared_ptr &nodeHash, const shared_ptr encryptionKey) { sibs::SafeDeserializer deserializer(value->data.data(), value->data.size()); char creatorPublicKeyRaw[PUBLIC_KEY_NUM_BYTES]; @@ -593,7 +595,7 @@ namespace odhtdb databaseStorage.appendStorage(*nodeHash, requestDataHash, operation, newActionCounter, creatorPublicKey, creationDate, value->data.data(), value->data.size(), additionalDataView); } - bool Database::listenCreateData(shared_ptr value, const Hash &hash, const shared_ptr encryptionKey) + bool Database::listenCreateData(shared_ptr value, const Hash &hash, const shared_ptr encryptionKey) { Log::debug("Got create data"); try @@ -611,7 +613,7 @@ namespace odhtdb return true; } - bool Database::listenAddData(shared_ptr value, const Hash &requestDataHash, const std::shared_ptr nodeHash, const shared_ptr encryptionKey) + bool Database::listenAddData(shared_ptr value, const Hash &requestDataHash, const std::shared_ptr nodeHash, const shared_ptr encryptionKey) { Log::debug("Got add data"); try @@ -653,7 +655,7 @@ namespace odhtdb return databaseStorage.getStoredNodeUserInfoDecrypted(username, password); } - vector Database::getUserGroups(const Hash &nodeHash, const Signature::PublicKey &userPublicKey) const + vector Database::getUserGroups(const Hash &nodeHash, const Signature::PublicKey &userPublicKey) const { return databaseStorage.getUserGroups(nodeHash, userPublicKey); } -- cgit v1.2.3