fix use after free issue

Christian Grothoff 2021-01-15 16:18:25 +01:00
parent 33835b124b
commit 59ddec5173
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC


@ -275,7 +275,7 @@ struct TEH_KeyStateHandle
* Information we track for thecrypto helpers. Preserved * Information we track for thecrypto helpers. Preserved
* when the @e key_generation changes, thus kept separate. * when the @e key_generation changes, thus kept separate.
*/ */
struct HelperState helpers; struct HelperState *helpers;
/** /**
* For which (global) key_generation was this data structure created? * For which (global) key_generation was this data structure created?
@ -851,7 +851,10 @@ destroy_key_state (struct TEH_KeyStateHandle *ksh,
ksh->management_keys_reply = NULL; ksh->management_keys_reply = NULL;
} }
if (free_helper) if (free_helper)
destroy_key_helpers (&ksh->helpers); {
destroy_key_helpers (ksh->helpers);
GNUNET_free (ksh->helpers);
}
GNUNET_free (ksh); GNUNET_free (ksh);
} }
@ -1631,8 +1634,9 @@ build_key_state (struct HelperState *hs,
ksh->key_generation = key_generation; ksh->key_generation = key_generation;
if (NULL == hs) if (NULL == hs)
{ {
ksh->helpers = GNUNET_new (struct HelperState);
if (GNUNET_OK != if (GNUNET_OK !=
setup_key_helpers (&ksh->helpers)) setup_key_helpers (ksh->helpers))
{ {
GNUNET_free (ksh); GNUNET_free (ksh);
return NULL; return NULL;
@ -1640,7 +1644,7 @@ build_key_state (struct HelperState *hs,
} }
else else
{ {
ksh->helpers = *hs; ksh->helpers = hs;
} }
ksh->denomkey_map = GNUNET_CONTAINER_multihashmap_create (1024, ksh->denomkey_map = GNUNET_CONTAINER_multihashmap_create (1024,
GNUNET_YES); GNUNET_YES);
@ -1754,7 +1758,7 @@ get_key_state (bool management_only)
"Rebuilding /keys, generation upgrade from %llu to %llu\n", "Rebuilding /keys, generation upgrade from %llu to %llu\n",
(unsigned long long) old_ksh->key_generation, (unsigned long long) old_ksh->key_generation,
(unsigned long long) key_generation); (unsigned long long) key_generation);
ksh = build_key_state (&old_ksh->helpers, ksh = build_key_state (old_ksh->helpers,
management_only); management_only);
if (0 != pthread_setspecific (key_state, if (0 != pthread_setspecific (key_state,
ksh)) ksh))
@ -1770,7 +1774,7 @@ get_key_state (bool management_only)
false); false);
return ksh; return ksh;
} }
sync_key_helpers (&old_ksh->helpers); sync_key_helpers (old_ksh->helpers);
return old_ksh; return old_ksh;
} }
@ -1849,7 +1853,7 @@ TEH_keys_denomination_sign (const struct GNUNET_HashCode *h_denom_pub,
*ec = TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING; *ec = TALER_EC_EXCHANGE_GENERIC_KEYS_MISSING;
return none; return none;
} }
return TALER_CRYPTO_helper_denom_sign (ksh->helpers.dh, return TALER_CRYPTO_helper_denom_sign (ksh->helpers->dh,
h_denom_pub, h_denom_pub,
msg, msg,
msg_size, msg_size,
@ -1868,7 +1872,7 @@ TEH_keys_denomination_revoke (const struct GNUNET_HashCode *h_denom_pub)
GNUNET_break (0); GNUNET_break (0);
return; return;
} }
TALER_CRYPTO_helper_denom_revoke (ksh->helpers.dh, TALER_CRYPTO_helper_denom_revoke (ksh->helpers->dh,
h_denom_pub); h_denom_pub);
TEH_keys_update_states (); TEH_keys_update_states ();
} }
@ -1907,7 +1911,7 @@ TEH_keys_exchange_sign2_ (
{ {
enum TALER_ErrorCode ec; enum TALER_ErrorCode ec;
ec = TALER_CRYPTO_helper_esign_sign_ (ksh->helpers.esh, ec = TALER_CRYPTO_helper_esign_sign_ (ksh->helpers->esh,
purpose, purpose,
pub, pub,
sig); sig);
@ -1951,7 +1955,7 @@ TEH_keys_exchange_revoke (const struct TALER_ExchangePublicKeyP *exchange_pub)
GNUNET_break (0); GNUNET_break (0);
return; return;
} }
TALER_CRYPTO_helper_esign_revoke (ksh->helpers.esh, TALER_CRYPTO_helper_esign_revoke (ksh->helpers->esh,
exchange_pub); exchange_pub);
TEH_keys_update_states (); TEH_keys_update_states ();
} }
@ -2214,7 +2218,7 @@ TEH_keys_load_fees (const struct GNUNET_HashCode *h_denom_pub,
return GNUNET_SYSERR; return GNUNET_SYSERR;
} }
hd = GNUNET_CONTAINER_multihashmap_get (ksh->helpers.denom_keys, hd = GNUNET_CONTAINER_multihashmap_get (ksh->helpers->denom_keys,
h_denom_pub); h_denom_pub);
meta->start = hd->start_time; meta->start = hd->start_time;
meta->expire_withdraw = GNUNET_TIME_absolute_add (meta->start, meta->expire_withdraw = GNUNET_TIME_absolute_add (meta->start,
@ -2247,7 +2251,7 @@ TEH_keys_get_timing (const struct TALER_ExchangePublicKeyP *exchange_pub,
} }
pid.public_key = exchange_pub->eddsa_pub; pid.public_key = exchange_pub->eddsa_pub;
hsk = GNUNET_CONTAINER_multipeermap_get (ksh->helpers.esign_keys, hsk = GNUNET_CONTAINER_multipeermap_get (ksh->helpers->esign_keys,
&pid); &pid);
meta->start = hsk->start_time; meta->start = hsk->start_time;
meta->expire_sign = GNUNET_TIME_absolute_add (meta->start, meta->expire_sign = GNUNET_TIME_absolute_add (meta->start,
@ -2427,10 +2431,10 @@ TEH_keys_management_get_handler (const struct TEH_RequestHandler *rh,
GNUNET_assert (NULL != fbc.denoms); GNUNET_assert (NULL != fbc.denoms);
GNUNET_assert (NULL != fbc.signkeys); GNUNET_assert (NULL != fbc.signkeys);
GNUNET_CONTAINER_multihashmap_iterate (ksh->helpers.denom_keys, GNUNET_CONTAINER_multihashmap_iterate (ksh->helpers->denom_keys,
&add_future_denomkey_cb, &add_future_denomkey_cb,
&fbc); &fbc);
GNUNET_CONTAINER_multipeermap_iterate (ksh->helpers.esign_keys, GNUNET_CONTAINER_multipeermap_iterate (ksh->helpers->esign_keys,
&add_future_signkey_cb, &add_future_signkey_cb,
&fbc); &fbc);
reply = json_pack ( reply = json_pack (
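Review bot: In the build_key_state hunk (@ -1631,8 +1634,9), the failure path after `setup_key_helpers (ksh->helpers)` frees `ksh` but not the `struct HelperState` that the new `GNUNET_new` line just allocated, so that allocation leaks whenever helper setup fails. Before this change the state was embedded in `ksh` and was released with it; now it needs its own release, e.g. `GNUNET_free (ksh->helpers);` placed before `GNUNET_free (ksh);`. This assumes setup_key_helpers does not free the struct itself, which the hunk does not show. Now that the field is a pointer handed from the old handle to the new one in get_key_state, a comment on `helpers` in struct TEH_KeyStateHandle stating the ownership would help, for instance `/* heap-allocated; carried over across key_generation rebuilds, freed only by destroy_key_state() with free_helper set */`. build_key_state begins and ends outside the hunk.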