From 05920c5c5ffcedc435eeee29f6357c6b4fdc9c4f Mon Sep 17 00:00:00 2001 From: dec05eba <0xdec05eba@gmail.com> Date: Wed, 16 May 2018 11:00:10 +0200 Subject: Fix memory leak (mismatch free/delete/delete[]), fix invalid memory access --- src/DatabaseStorage.cpp | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) (limited to 'src/DatabaseStorage.cpp') diff --git a/src/DatabaseStorage.cpp b/src/DatabaseStorage.cpp index 016c498..ccf5d26 100644 --- a/src/DatabaseStorage.cpp +++ b/src/DatabaseStorage.cpp @@ -285,7 +285,7 @@ namespace odhtdb // TODO: There is no need to allocate/deallocate several times, this can be moved outside the while loop const void *decryptedDataRaw = sqlite3_column_blob(selectNodeAddDataAdditionalStmt, 0); int decryptedDataSize = sqlite3_column_bytes(selectNodeAddDataAdditionalStmt, 0); - OwnedMemory decryptedData(new u8[decryptedDataSize], decryptedDataSize); + OwnedByteArray decryptedData(new u8[decryptedDataSize], decryptedDataSize); memcpy(decryptedData.data, decryptedDataRaw, decryptedDataSize); const DatabaseAddNodeRequest addNodeRequest(&nodeHash, &requestHash, timestamp, &creatorPublicKey, DataView(decryptedData.data, decryptedData.size)); @@ -324,7 +324,7 @@ namespace odhtdb void DatabaseStorage::loadMetadataFromFile() { - OwnedMemory metadataFileContent = fileGetContent(metadataFilePath); + OwnedByteArray metadataFileContent = fileGetContent(metadataFilePath); sibs::SafeDeserializer deserializer((u8*)metadataFileContent.data, metadataFileContent.size); u16 storageVersion = deserializer.extract(); @@ -350,7 +350,7 @@ namespace odhtdb void DatabaseStorage::loadRemoteNodesFromFile() { - OwnedMemory remoteNodesFileContent = fileGetContent(remoteNodesFilePath); + OwnedByteArray remoteNodesFileContent = fileGetContent(remoteNodesFilePath); msgpack::unpacker pac; pac.reserve_buffer(remoteNodesFileContent.size); memcpy(pac.buffer(), remoteNodesFileContent.data, remoteNodesFileContent.size); @@ -846,7 +846,7 @@ namespace odhtdb void DatabaseStorage::storeUserWithoutNodes(const string &username, const string &password) { - OwnedMemory hashedPassword = hashPassword(DataView((void*)password.data(), password.size()), DataView((void*)passwordSalt, PASSWORD_SALT_LEN)); + OwnedByteArray hashedPassword = hashPassword(DataView((void*)password.data(), password.size()), DataView((void*)passwordSalt, PASSWORD_SALT_LEN)); DataView hashedPasswordView(hashedPassword.data, hashedPassword.size); DataView usernameView((void*)username.data(), username.size()); @@ -884,7 +884,7 @@ namespace odhtdb void DatabaseStorage::storeNodeInfoForUserEncrypted(const DatabaseNode &nodeInfo, const string &username, const string &password, const Signature::KeyPair &keyPair) { - OwnedMemory hashedPassword = hashPassword(DataView((void*)password.data(), password.size()), DataView((void*)passwordSalt, PASSWORD_SALT_LEN)); + OwnedByteArray hashedPassword = hashPassword(DataView((void*)password.data(), password.size()), DataView((void*)passwordSalt, PASSWORD_SALT_LEN)); DataView hashedPasswordView(hashedPassword.data, hashedPassword.size); DataView privateKeyView((void*)keyPair.getPrivateKey().getData(), PRIVATE_KEY_NUM_BYTES); @@ -929,7 +929,7 @@ namespace odhtdb MapHash DatabaseStorage::getStoredNodeUserInfoDecrypted(const string &username, const string &password) const { - OwnedMemory hashedPassword = hashPassword(DataView((void*)password.data(), password.size()), DataView((void*)passwordSalt, PASSWORD_SALT_LEN)); + OwnedByteArray hashedPassword = hashPassword(DataView((void*)password.data(), password.size()), DataView((void*)passwordSalt, PASSWORD_SALT_LEN)); DataView hashedPasswordView(hashedPassword.data, hashedPassword.size); i64 encryptedUserRowId = getStoredUserId(username, hashedPasswordView); @@ -953,7 +953,7 @@ namespace odhtdb throw DatabaseStorageException("Encrypted data size is of unexpected size"); Signature::PrivateKey userPrivateKey((const char*)decryptedStoredNodeUserPrivateKey.getDecryptedText().data, PRIVATE_KEY_NUM_BYTES); shared_ptr keyPair = make_shared(userPublicKey, userPrivateKey); - shared_ptr nodeEncryptionKey = make_shared(new u8[ENCRYPTION_KEY_BYTE_SIZE], ENCRYPTION_KEY_BYTE_SIZE); + shared_ptr nodeEncryptionKey = make_shared(new u8[ENCRYPTION_KEY_BYTE_SIZE], ENCRYPTION_KEY_BYTE_SIZE); memcpy(nodeEncryptionKey->data, (char*)decryptedStoredNodeUserPrivateKey.getDecryptedText().data + PRIVATE_KEY_NUM_BYTES, ENCRYPTION_KEY_BYTE_SIZE); result[nodeHash] = { nodeEncryptionKey, keyPair }; } @@ -965,7 +965,7 @@ namespace odhtdb return result; } - pair> DatabaseStorage::getNodeDecryptionKey(const Hash &nodeHash) + pair> DatabaseStorage::getNodeDecryptionKey(const Hash &nodeHash) { sqlite3_reset(getNodeDecryptionKeyStmt); sqlite3_clear_bindings(getNodeDecryptionKeyStmt); @@ -976,12 +976,12 @@ namespace odhtdb rc = sqlite3_step(getNodeDecryptionKeyStmt); if(rc != SQLITE_ROW) - return make_pair(false, make_shared()); + return make_pair(false, make_shared()); const void *decryptionKeyRaw = sqlite3_column_blob(getNodeDecryptionKeyStmt, 0); u8 *decryptionKeyRawCopy = new u8[ENCRYPTION_KEY_BYTE_SIZE]; memcpy(decryptionKeyRawCopy, decryptionKeyRaw, ENCRYPTION_KEY_BYTE_SIZE); - shared_ptr decryptionKey = make_shared(decryptionKeyRawCopy, ENCRYPTION_KEY_BYTE_SIZE); + shared_ptr decryptionKey = make_shared(decryptionKeyRawCopy, ENCRYPTION_KEY_BYTE_SIZE); return make_pair(true, decryptionKey); } @@ -1033,21 +1033,21 @@ namespace odhtdb fileOverwrite(remoteNodesFilePath, DataView(remoteNodePacker.serializer.getBuffer().data(), remoteNodePacker.serializer.getBuffer().size())); } - vector DatabaseStorage::getUserGroups(const Hash &nodeHash, const Signature::PublicKey &userPublicKey) const + vector DatabaseStorage::getUserGroups(const Hash &nodeHash, const Signature::PublicKey &userPublicKey) const { - vector result; + vector result; SqlQuery query(sqliteDb, "SELECT groupId FROM NodeUserGroupAssoc WHERE node = ? AND userPublicKey = ?", { DataView(nodeHash.getData(), nodeHash.getSize()), DataView((void*)userPublicKey.getData(), userPublicKey.getSize()) }); while(query.next()) { const DataView groupIdRaw = query.getBlob(0); - OwnedMemory groupId(new u8[groupIdRaw.size], groupIdRaw.size); + OwnedByteArray groupId(new u8[groupIdRaw.size], groupIdRaw.size); memcpy(groupId.data, groupIdRaw.data, groupIdRaw.size); result.emplace_back(move(groupId)); } return result; } - bool DatabaseStorage::decryptNodeData(const Hash &nodeHash, const shared_ptr decryptionKey) + bool DatabaseStorage::decryptNodeData(const Hash &nodeHash, const shared_ptr decryptionKey) { sqlite3_reset(selectNodeStmt); sqlite3_clear_bindings(selectNodeStmt); @@ -1076,7 +1076,7 @@ namespace odhtdb return decryptNodeData(nodeHash, decryptionKey, &creatorPublicKey, DataView(adminGroup, GROUP_ID_LENGTH), timestamp); } - bool DatabaseStorage::decryptNodeData(const Hash &nodeHash, const shared_ptr decryptionKey, const Signature::PublicKey *creatorPublicKey, const DataView &adminGroupId, u64 timestamp) + bool DatabaseStorage::decryptNodeData(const Hash &nodeHash, const shared_ptr decryptionKey, const Signature::PublicKey *creatorPublicKey, const DataView &adminGroupId, u64 timestamp) { const DatabaseCreateNodeRequest createNodeRequest(&nodeHash, timestamp, creatorPublicKey, adminGroupId); if(database->onCreateNodeCallbackFunc) @@ -1129,7 +1129,7 @@ namespace odhtdb // TODO: There is no need to allocate/deallocate several times, this can be moved outside the while loop const void *encryptedDataRaw = sqlite3_column_blob(selectNodeAddDataAdditionalStmt, 0); int encryptedDataSize = sqlite3_column_bytes(selectNodeAddDataAdditionalStmt, 0); - OwnedMemory encryptedData(new u8[encryptedDataSize], encryptedDataSize); + OwnedByteArray encryptedData(new u8[encryptedDataSize], encryptedDataSize); memcpy(encryptedData.data, encryptedDataRaw, encryptedDataSize); bool appendObjectResult = decryptNodeAddData(rowId, nodeHash, requestHash, timestamp, &creatorPublicKey, DataView(encryptedData.data, encryptedData.size), decryptionKey); @@ -1212,7 +1212,7 @@ namespace odhtdb sqlite_step_throw_on_failure(sqliteDb, setNodeAddDataAdditionalDataStmt, "set NodeAddData decrypted"); } - bool DatabaseStorage::decryptNodeAddData(i64 rowId, const Hash &nodeHash, const Hash &dataHash, u64 timestamp, const Signature::PublicKey *creatorPublicKey, const DataView &encryptedData, const shared_ptr decryptionKey) + bool DatabaseStorage::decryptNodeAddData(i64 rowId, const Hash &nodeHash, const Hash &dataHash, u64 timestamp, const Signature::PublicKey *creatorPublicKey, const DataView &encryptedData, const shared_ptr decryptionKey) { if(!isUserAllowedToAddDataInNode(nodeHash, *creatorPublicKey)) { @@ -1240,7 +1240,7 @@ namespace odhtdb return true; } - bool DatabaseStorage::decryptNodeAddUser(i64 rowId, const Hash &nodeHash, const Hash &dataHash, u64 timestamp, const Signature::PublicKey *creatorPublicKey, const Signature::PublicKey *userToAddPublicKey, const DataView &groupToAddUserTo, const shared_ptr decryptionKey) + bool DatabaseStorage::decryptNodeAddUser(i64 rowId, const Hash &nodeHash, const Hash &dataHash, u64 timestamp, const Signature::PublicKey *creatorPublicKey, const Signature::PublicKey *userToAddPublicKey, const DataView &groupToAddUserTo, const shared_ptr decryptionKey) { if(!isUserAllowedToAddUserToGroupInNode(nodeHash, *creatorPublicKey, groupToAddUserTo)) { -- cgit v1.2.3