Git-Mirrors/RetroShare
1
0
Fork 0
mirror of https://github.com/RetroShare/RetroShare.git synced 2024-10-01 02:35:48 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #253 from csoler/v0.6-SecurityReview

Browse Source 
V0.6 security review
This commit is contained in:
Cyril Soler 2016-01-13 10:20:51 -05:00
commit 4916496008
49 changed files with 555 additions and 177 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
libbitdht/src/bitdht/bdnode.cc
View File

@ -2399,6 +2399,13 @@ bdNodeNetMsg::bdNodeNetMsg(char *msg, int len, struct sockaddr_in *in_addr)
:data(NULL), mSize(len), addr(*in_addr)
{
data = (char *) malloc(len);
if(data == NULL)
{
std::cerr << "(EE) " << __PRETTY_FUNCTION__ << ": ERROR. cannot allocate memory for " << len << " bytes." << std::endl;
return ;
}
memcpy(data, msg, len);
//print(std::cerr);
}

26
libbitdht/src/bitdht/bencode.c
View File

@ -20,6 +20,7 @@
*/
#include <stdio.h>
#include <iostream>
#include <stdlib.h> /* malloc() realloc() free() strtoll() */
#include <string.h> /* memset() */
#include "util/bdstring.h"
@ -111,6 +112,13 @@ static char *_be_decode_str(const char **data, long long *data_len)
if (**data == ':') {
char *_ret = (char *) malloc(sizeof(sllen) + len + 1);
if(_ret == NULL)
{
std::cerr << "(EE) " << __PRETTY_FUNCTION__ << ": ERROR. cannot allocate memory for " << len+1+sizeof(sllen) << " bytes." << std::endl;
return NULL;
}
memcpy(_ret, &sllen, sizeof(sllen));
ret = _ret + sizeof(sllen);
memcpy(ret, *data + 1, len);
@ -500,6 +508,12 @@ be_node *be_create_str(const char *str)
int len = strlen(str);
long long int sllen = len;
char *_ret = (char *) malloc(sizeof(sllen) + len + 1);
if(_ret == NULL)
{
std::cerr << "(EE) " << __PRETTY_FUNCTION__ << ": ERROR. cannot allocate memory for " << len+1+sizeof(sllen) << " bytes." << std::endl;
return NULL;
}
char *ret = NULL;
memcpy(_ret, &sllen, sizeof(sllen));
@ -519,6 +533,12 @@ be_node *be_create_str_wlen(const char *str, int len) /* not including \0 */
be_node *n = be_alloc(BE_STR);
long long int sllen = len;
char *_ret = (char *) malloc(sizeof(sllen) + len + 1);
if(_ret == NULL)
{
std::cerr << "(EE) " << __PRETTY_FUNCTION__ << ": ERROR. cannot allocate memory for " << len+1+sizeof(sllen) << " bytes." << std::endl;
return NULL;
}
char *ret = NULL;
memcpy(_ret, &sllen, sizeof(sllen));
@ -561,6 +581,12 @@ int be_add_keypair(be_node *dict, const char *str, be_node *node)
int len = strlen(str);
long long int sllen = len;
char *_ret = (char *) malloc(sizeof(sllen) + len + 1);
if(_ret == NULL)
{
std::cerr << "(EE) " << __PRETTY_FUNCTION__ << ": ERROR. cannot allocate memory for " << len+1+sizeof(sllen) << " bytes." << std::endl;
return 0;
}
char *ret = NULL;
//fprintf(stderr, "be_add_keypair() key len = %d\n",len);

10
libbitdht/src/udp/udplayer.cc
View File

@ -66,7 +66,11 @@ class udpPacket
:raddr(*addr), len(dlen)
{
data = malloc(len);
if(data != NULL)
memcpy(data, dta, len);
else
std::cerr << "(EE) error in memory allocation in " << __PRETTY_FUNCTION__ << std::endl;
}
~udpPacket()
@ -242,6 +246,12 @@ void UdpLayer::recv_loop()
int maxsize = 16000;
void *inbuf = malloc(maxsize);
if(inbuf == NULL)
{
std::cerr << "(EE) Error in memory allocation of size " << maxsize << " in " << __PRETTY_FUNCTION__ << std::endl;
return ;
}
int status;
struct timeval timeout;

14
libbitdht/src/util/bdbloom.cc
View File

@ -100,6 +100,13 @@ int bloomFilter::setFilterBits(const std::string &hex)
// convert to binary array.
uint8_t *tmparray = (uint8_t *) malloc(bytes);
if(tmparray == NULL)
{
std::cerr << "(EE) Error. Cannot allocate memory for " << bytes << " bytes in " << __PRETTY_FUNCTION__ << std::endl;
return 0;
}
uint32_t i = 0;
for(i = 0; i < bytes; i++)
@ -139,6 +146,13 @@ std::string bloomFilter::getFilter()
// convert to binary array.
uint8_t *tmparray = (uint8_t *) malloc(bytes);
if(tmparray == NULL)
{
std::cerr << "(EE) Error. Cannot allocate memory for " << bytes << " bytes in " << __PRETTY_FUNCTION__ << std::endl;
return std::string();
}
int i,j;
for(i = 0; i < bytes; i++)

7
libretroshare/src/dbase/fimonitor.cc
View File

@ -29,6 +29,7 @@
#include "rsserver/p3face.h"
#include "dbase/fimonitor.h"
#include "util/rsdir.h"
#include "util/rsmemory.h"
#include "pqi/authssl.h"
#include "serialiser/rsserviceids.h"
#include "retroshare/rsiface.h"
@ -128,13 +129,11 @@ HashCache::HashCache(const std::string& path)
// read the binary stream into memory.
//
void *buffer = malloc(file_size) ;
void *buffer = rs_malloc(file_size) ;
if(buffer == NULL)
{
std::cerr << "Cannot allocate memory for reading encrypted file cache, bytes=" << file_size << std::endl;
return ;
}
FILE *F = fopen( (_path+".bin").c_str(),"rb") ;
if (!F)
{

9
libretroshare/src/ft/ftcontroller.cc
View File

@ -39,6 +39,7 @@
#include "util/rsstring.h"
#endif
#include "util/rsdiscspace.h"
#include "util/rsmemory.h"
#include "ft/ftcontroller.h"
@ -747,8 +748,14 @@ bool ftController::copyFile(const std::string& source,const std::string& dest)
size_t T=0;
static const int BUFF_SIZE = 10485760 ; // 10 MB buffer to speed things up.
void *buffer = malloc(BUFF_SIZE) ;
void *buffer = rs_malloc(BUFF_SIZE) ;
if(buffer == NULL)
{
fclose (in);
fclose (out);
return false ;
}
bool bRet = true;
while( (s = fread(buffer,1,BUFF_SIZE,in)) > 0)

7
libretroshare/src/ft/ftdatamultiplex.cc
View File

@ -35,6 +35,7 @@
#include "ft/ftfileprovider.h"
#include "ft/ftsearch.h"
#include "util/rsdir.h"
#include "util/rsmemory.h"
#include <retroshare/rsturtle.h>
#include <time.h>
@ -878,13 +879,11 @@ bool ftDataMultiplex::locked_handleServerRequest(ftFileProvider *provider, const
std::cerr << "Warning: peer " << peerId << " is asking a large chunk (s=" << chunksize << ") for hash " << hash << ", filesize=" << size << ". This is unexpected." << std::endl ;
return false ;
}
void *data = malloc(chunksize);
void *data = rs_malloc(chunksize);
if(data == NULL)
{
std::cerr << "WARNING: Could not allocate data for a chunksize of " << chunksize << std::endl ;
return false ;
}
#ifdef MPLEX_DEBUG
std::cerr << "ftDataMultiplex::locked_handleServerRequest()";
std::cerr << "\t peer: " << peerId << " hash: " << hash;

12
libretroshare/src/ft/ftserver.cc
View File

@ -465,6 +465,8 @@ RsTurtleGenericTunnelItem *ftServer::deserialiseItem(void *data,uint32_t size) c
return NULL; /* wrong type */
}
try
{
switch(getRsItemSubType(rstype))
{
case RS_TURTLE_SUBTYPE_FILE_REQUEST : return new RsTurtleFileRequestItem(data,size) ;
@ -475,6 +477,13 @@ RsTurtleGenericTunnelItem *ftServer::deserialiseItem(void *data,uint32_t size) c
case RS_TURTLE_SUBTYPE_CHUNK_CRC : return new RsTurtleChunkCrcItem(data,size) ;
default:
return NULL ;
}
}
catch(std::exception& e)
{
std::cerr << "(EE) deserialisation error in " << __PRETTY_FUNCTION__ << ": " << e.what() << std::endl;
return NULL ;
}
}
@ -1093,11 +1102,10 @@ bool ftServer::sendData(const RsPeerId& peerId, const RsFileHash& hash, uint64_t
item->chunk_offset = offset+baseoffset ;
item->chunk_size = chunk;
item->chunk_data = malloc(chunk) ;
item->chunk_data = rs_malloc(chunk) ;
if(item->chunk_data == NULL)
{
std::cerr << "p3turtle: Warning: failed malloc of " << chunk << " bytes for sending data packet." << std::endl ;
delete item;
return false;
}

17
libretroshare/src/ft/ftturtlefiletransferitem.cc
View File

@ -26,6 +26,7 @@
#include <iostream>
#include <stdexcept>
#include <util/rsmemory.h>
#include <serialiser/itempriorities.h>
#include <ft/ftturtlefiletransferitem.h>
@ -422,14 +423,24 @@ RsTurtleFileDataItem::RsTurtleFileDataItem(void *data,uint32_t pktsize)
uint32_t offset = 8; // skip the header
uint32_t rssize = getRsItemSize(data);
/* add mandatory parts first */
bool ok = true ;
if(rssize > pktsize)
ok = false ;
/* add mandatory parts first */
ok &= getRawUInt32(data, pktsize, &offset, &tunnel_id) ;
ok &= getRawUInt64(data, pktsize, &offset, &chunk_offset);
ok &= getRawUInt32(data, pktsize, &offset, &chunk_size);
chunk_data = (void*)malloc(chunk_size) ;
if(chunk_size > rssize || rssize - chunk_size < offset)
throw std::runtime_error("RsTurtleFileDataItem::() error while deserializing.") ;
chunk_data = (void*)rs_malloc(chunk_size) ;
if(chunk_data == NULL)
throw std::runtime_error("RsTurtleFileDataItem::() cannot allocate memory.") ;
memcpy(chunk_data,(void*)((unsigned char*)data+offset),chunk_size) ;
offset += chunk_size ;

32
libretroshare/src/grouter/grouteritems.cc
View File

@ -66,6 +66,12 @@ RsGRouterTransactionChunkItem *RsGRouterSerialiser::deserialise_RsGRouterTransac
uint32_t rssize = getRsItemSize(data);
bool ok = true ;
if(tlvsize < rssize)
{
std::cerr << __PRETTY_FUNCTION__ << ": wrong encoding of item size. Serialisation error!" << std::endl;
return NULL ;
}
RsGRouterTransactionChunkItem *item = new RsGRouterTransactionChunkItem() ;
/* add mandatory parts first */
@ -74,15 +80,14 @@ RsGRouterTransactionChunkItem *RsGRouterSerialiser::deserialise_RsGRouterTransac
ok &= getRawUInt32(data, tlvsize, &offset, &item->chunk_size);
ok &= getRawUInt32(data, tlvsize, &offset, &item->total_size);
if( NULL == (item->chunk_data = (uint8_t*)malloc(item->chunk_size)))
if(item->chunk_size > rssize || offset > rssize - item->chunk_size) // better than if(item->chunk_size + offset > rssize)
{
std::cerr << __PRETTY_FUNCTION__ << ": Cannot allocate memory for chunk " << item->chunk_size << std::endl;
std::cerr << __PRETTY_FUNCTION__ << ": Cannot read beyond item size. Serialisation error!" << std::endl;
delete item;
return NULL ;
}
if(item->chunk_size + offset > rssize)
if( NULL == (item->chunk_data = (uint8_t*)rs_malloc(item->chunk_size)))
{
std::cerr << __PRETTY_FUNCTION__ << ": Cannot read beyond item size. Serialisation error!" << std::endl;
delete item;
return NULL ;
}
@ -125,6 +130,11 @@ RsGRouterGenericDataItem *RsGRouterSerialiser::deserialise_RsGRouterGenericDataI
uint32_t rssize = getRsItemSize(data);
bool ok = true ;
if(pktsize < rssize)
{
std::cerr << __PRETTY_FUNCTION__ << ": wrong encoding of item size. Serialisation error!" << std::endl;
return NULL ;
}
RsGRouterGenericDataItem *item = new RsGRouterGenericDataItem() ;
ok &= getRawUInt64(data, pktsize, &offset, &item->routing_id);
@ -132,16 +142,15 @@ RsGRouterGenericDataItem *RsGRouterSerialiser::deserialise_RsGRouterGenericDataI
ok &= getRawUInt32(data, pktsize, &offset, &item->service_id);
ok &= getRawUInt32(data, pktsize, &offset, &item->data_size);
if( NULL == (item->data_bytes = (uint8_t*)malloc(item->data_size)))
if(item->data_size > rssize || offset > rssize - item->data_size) // better than if(item->data_size + offset > rssize)
{
std::cerr << __PRETTY_FUNCTION__ << ": Cannot allocate memory for chunk " << item->data_size << std::endl;
std::cerr << __PRETTY_FUNCTION__ << ": Cannot read beyond item size. Serialisation error!" << std::endl;
delete item;
return NULL ;
}
if(item->data_size + offset > rssize)
if( NULL == (item->data_bytes = (uint8_t*)rs_malloc(item->data_size)))
{
std::cerr << __PRETTY_FUNCTION__ << ": Cannot read beyond item size. Serialisation error!" << std::endl;
delete item;
return NULL ;
}
@ -337,8 +346,13 @@ RsGRouterGenericDataItem *RsGRouterGenericDataItem::duplicate() const
// then duplicate the memory chunk
item->data_bytes = (uint8_t*)malloc(data_size) ;
if(data_size > 0)
{
item->data_bytes = (uint8_t*)rs_malloc(data_size) ;
memcpy(item->data_bytes,data_bytes,data_size) ;
}
else
item->data_bytes = NULL ;
return item ;
}

8
libretroshare/src/grouter/grouteritems.h
View File

@ -25,6 +25,8 @@
#pragma once
#include "util/rsmemory.h"
#include "serialiser/rsserial.h"
#include "serialiser/rstlvkeys.h"
#include "serialiser/rsserviceids.h"
@ -194,7 +196,11 @@ class RsGRouterTransactionChunkItem: public RsGRouterTransactionItem, public RsG
{
RsGRouterTransactionChunkItem *item = new RsGRouterTransactionChunkItem ;
*item = *this ; // copy all fields
item->chunk_data = (uint8_t*)malloc(chunk_size) ; // deep copy memory chunk
item->chunk_data = (uint8_t*)rs_malloc(chunk_size) ; // deep copy memory chunk
if(item->chunk_data == NULL)
return NULL ;
memcpy(item->chunk_data,chunk_data,chunk_size) ;
return item ;
}

15
libretroshare/src/grouter/p3grouter.cc
View File

@ -1121,13 +1121,11 @@ bool p3GRouter::locked_sendTransactionData(const RsPeerId& pid,const RsGRouterTr
std::cerr << " sending to tunnel vpid " << pid << std::endl;
#endif
uint32_t turtle_data_size = trans_item.serial_size() ;
uint8_t *turtle_data = (uint8_t*)malloc(turtle_data_size) ;
uint8_t *turtle_data = (uint8_t*)rs_malloc(turtle_data_size) ;
if(turtle_data == NULL)
{
std::cerr << " ERROR: Cannot allocate turtle data memory for size " << turtle_data_size << std::endl;
return false ;
}
if(!trans_item.serialise(turtle_data,turtle_data_size))
{
std::cerr << " ERROR: cannot serialise RsGRouterTransactionChunkItem." << std::endl;
@ -1304,14 +1302,13 @@ bool p3GRouter::sliceDataItem(RsGRouterAbstractMsgItem *item,std::list<RsGRouter
chunk_item->total_size = size;
chunk_item->chunk_start= offset;
chunk_item->chunk_size = chunk_size ;
chunk_item->chunk_data = (uint8_t*)malloc(chunk_size) ;
chunk_item->chunk_data = (uint8_t*)rs_malloc(chunk_size) ;
#ifdef GROUTER_DEBUG
std::cerr << " preparing to send a chunk [" << offset << " -> " << offset + chunk_size << " / " << size << "]" << std::endl;
#endif
if(chunk_item->chunk_data == NULL)
{
std::cerr << " ERROR: Cannot allocate memory for size " << chunk_size << std::endl;
delete chunk_item;
throw ;
}
@ -1921,7 +1918,11 @@ bool p3GRouter::sendData(const RsGxsId& destination,const GRouterServiceId& clie
RsGRouterGenericDataItem *data_item = new RsGRouterGenericDataItem ;
data_item->data_bytes = (uint8_t*)malloc(data_size) ;
data_item->data_bytes = (uint8_t*)rs_malloc(data_size) ;
if(data_item->data_bytes == NULL)
return false ;
memcpy(data_item->data_bytes,data,data_size) ;
data_item->data_size = data_size ;

22
libretroshare/src/gxs/gxssecurity.cc
View File

@ -444,7 +444,11 @@ bool GxsSecurity::encrypt(uint8_t *& out, uint32_t &outlen, const uint8_t *in, u
int out_offset = 0;
int max_evp_key_size = EVP_PKEY_size(public_key);
ek = (unsigned char*)malloc(max_evp_key_size);
ek = (unsigned char*)rs_malloc(max_evp_key_size);
if(ek == NULL)
return false ;
const EVP_CIPHER *cipher = EVP_aes_128_cbc();
int cipher_block_size = EVP_CIPHER_block_size(cipher);
int size_net_ekl = sizeof(net_ekl);
@ -455,13 +459,10 @@ bool GxsSecurity::encrypt(uint8_t *& out, uint32_t &outlen, const uint8_t *in, u
if(!EVP_SealInit(&ctx, EVP_aes_128_cbc(), &ek, &eklen, iv, &public_key, 1)) return false;
// now assign memory to out accounting for data, and cipher block size, key length, and key length val
out = (uint8_t*)malloc(inlen + cipher_block_size + size_net_ekl + eklen + EVP_MAX_IV_LENGTH);
out = (uint8_t*)rs_malloc(inlen + cipher_block_size + size_net_ekl + eklen + EVP_MAX_IV_LENGTH);
if(out == NULL)
{
std::cerr << "gxssecurity::encrypt(): cnnot allocate memory of size " << inlen + cipher_block_size + size_net_ekl + eklen + EVP_MAX_IV_LENGTH << " to encrypt data." << std::endl;
return false ;
}
net_ekl = htonl(eklen);
memcpy((unsigned char*)out + out_offset, &net_ekl, size_net_ekl);
@ -540,7 +541,11 @@ bool GxsSecurity::decrypt(uint8_t *& out, uint32_t & outlen, const uint8_t *in,
EVP_CIPHER_CTX ctx;
int eklen = 0, net_ekl = 0;
unsigned char *ek = (unsigned char*)malloc(EVP_PKEY_size(privateKey));
unsigned char *ek = (unsigned char*)rs_malloc(EVP_PKEY_size(privateKey));
if(ek == NULL)
return false ;
unsigned char iv[EVP_MAX_IV_LENGTH];
EVP_CIPHER_CTX_init(&ctx);
@ -574,13 +579,10 @@ bool GxsSecurity::decrypt(uint8_t *& out, uint32_t & outlen, const uint8_t *in,
std::cerr << "Severe error in " << __PRETTY_FUNCTION__ << ": cannot encrypt. " << std::endl;
return false ;
}
out = (uint8_t*)malloc(inlen - in_offset);
out = (uint8_t*)rs_malloc(inlen - in_offset);
if(out == NULL)
{
std::cerr << "gxssecurity::decrypt(): cannot allocate memory of size " << inlen - in_offset << " to decrypt data." << std::endl;
return false;
}
if(!EVP_OpenUpdate(&ctx, (unsigned char*) out, &out_currOffset, (unsigned char*)in + in_offset, inlen - in_offset))
{

37
libretroshare/src/gxstunnel/p3gxstunnel.cc
View File

@ -856,7 +856,7 @@ void p3GxsTunnelService::handleRecvDHPublicKey(RsGxsTunnelDHPublicKeyItem *item)
#endif
uint32_t pubkey_size = BN_num_bytes(item->public_key) ;
unsigned char *data = (unsigned char *)malloc(pubkey_size) ;
RsTemporaryMemory data(pubkey_size) ;
BN_bn2bin(item->public_key, data) ;
RsTlvSecurityKey signature_key ;
@ -901,7 +901,7 @@ void p3GxsTunnelService::handleRecvDHPublicKey(RsGxsTunnelDHPublicKeyItem *item)
signature_key = item->gxs_key ;
}
if(!GxsSecurity::validateSignature((char*)data,pubkey_size,signature_key,item->signature))
if(!GxsSecurity::validateSignature((char*)(unsigned char*)data,pubkey_size,signature_key,item->signature))
{
std::cerr << "(SS) Signature was verified and it doesn't check! This is a security issue!" << std::endl;
return ;
@ -939,7 +939,7 @@ void p3GxsTunnelService::handleRecvDHPublicKey(RsGxsTunnelDHPublicKeyItem *item)
// Looks for the DH params. If not there yet, create them.
//
int size = DH_size(it->second.dh) ;
unsigned char *key_buff = new unsigned char[size] ;
RsTemporaryMemory key_buff(size) ;
if(size != DH_compute_key(key_buff,item->public_key,it->second.dh))
{
@ -959,7 +959,6 @@ void p3GxsTunnelService::handleRecvDHPublicKey(RsGxsTunnelDHPublicKeyItem *item)
assert(GXS_TUNNEL_AES_KEY_SIZE <= Sha1CheckSum::SIZE_IN_BYTES) ;
memcpy(pinfo.aes_key, RsDirUtil::sha1sum(key_buff,size).toByteArray(),GXS_TUNNEL_AES_KEY_SIZE) ;
delete[] key_buff ;
pinfo.last_contact = time(NULL) ;
pinfo.last_keep_alive_sent = time(NULL) ;
@ -1036,7 +1035,15 @@ bool p3GxsTunnelService::locked_sendDHPublicKey(const DH *dh,const RsGxsId& own_
uint32_t error_status ;
uint32_t size = BN_num_bytes(dhitem->public_key) ;
unsigned char *data = (unsigned char *)malloc(size) ;
RsTemporaryMemory data(size) ;
if(data == NULL)
{
delete(dhitem);
return false ;
}
BN_bn2bin(dhitem->public_key, data) ;
if(!mGixs->signData((unsigned char*)data,size,own_gxs_id,signature,error_status))
@ -1048,11 +1055,9 @@ bool p3GxsTunnelService::locked_sendDHPublicKey(const DH *dh,const RsGxsId& own_
default: std::cerr << "(EE) Unknown error when signing" << std::endl;
break ;
}
free(data) ;
delete(dhitem);
return false;
}
free(data) ;
if(!mGixs->getKey(own_gxs_id,signature_key_public))
{
@ -1136,8 +1141,13 @@ bool p3GxsTunnelService::locked_sendClearTunnelData(RsGxsTunnelDHPublicKeyItem *
uint32_t rssize = item->serial_size() ;
gitem->data_size = rssize + 8 ;
gitem->data_bytes = malloc(rssize+8) ;
gitem->data_bytes = rs_malloc(rssize+8) ;
if(gitem->data_bytes == NULL)
{
delete gitem ;
return NULL ;
}
// by convention, we use a IV of 0 for unencrypted data.
memset(gitem->data_bytes,0,8) ;
@ -1221,7 +1231,10 @@ bool p3GxsTunnelService::locked_sendEncryptedTunnelData(RsGxsTunnelItem *item)
RsTurtleGenericDataItem *gitem = new RsTurtleGenericDataItem ;
gitem->data_size = encrypted_size + GXS_TUNNEL_ENCRYPTION_IV_SIZE + GXS_TUNNEL_ENCRYPTION_HMAC_SIZE ;
gitem->data_bytes = malloc(gitem->data_size) ;
gitem->data_bytes = rs_malloc(gitem->data_size) ;
if(gitem->data_bytes == NULL)
return false ;
memcpy(& ((uint8_t*)gitem->data_bytes)[0] ,&IV,8) ;
@ -1316,7 +1329,11 @@ bool p3GxsTunnelService::sendData(const RsGxsTunnelId &tunnel_id, uint32_t servi
item->flags = 0; // not used yet.
item->service_id = service_id;
item->data_size = size; // encrypted data size
item->data = (uint8_t*)malloc(size); // encrypted data
item->data = (uint8_t*)rs_malloc(size); // encrypted data
if(item->data == NULL)
delete item ;
item->PeerId(RsPeerId(tunnel_id)) ;
memcpy(item->data,data,size) ;

21
libretroshare/src/gxstunnel/rsgxstunnelitems.cc
View File

@ -29,6 +29,7 @@
#include "serialiser/rsbaseserial.h"
#include "serialiser/rstlvbase.h"
#include "util/rsprint.h"
#include "util/rsmemory.h"
#include "gxstunnel/rsgxstunnelitems.h"
@ -343,6 +344,13 @@ RsGxsTunnelDHPublicKeyItem *RsGxsTunnelSerialiser::deserialise_RsGxsTunnelDHPubl
/* get mandatory parts first */
ok &= getRawUInt32(data, rssize, &offset, &s);
if(s > rssize || rssize - s < offset)
{
std::cerr << "RsGxsTunnelDHPublicKeyItem::() Size error while deserializing." << std::endl ;
delete item ;
return NULL ;
}
item->public_key = BN_bin2bn(&((unsigned char *)data)[offset],s,NULL) ;
offset += s ;
@ -380,11 +388,15 @@ RsGxsTunnelDataItem *RsGxsTunnelSerialiser::deserialise_RsGxsTunnelDataItem(void
ok &= getRawUInt32(dat, rssize, &offset, &item->service_id);
ok &= getRawUInt32(dat, rssize, &offset, &item->data_size);
if(offset + item->data_size <= size)
if(item->data_size > rssize || rssize - item->data_size < offset)
{
item->data = (unsigned char*)malloc(item->data_size) ;
std::cerr << "RsGxsTunnelDHPublicKeyItem::() Size error while deserializing." << std::endl ;
delete item ;
return NULL ;
}
item->data = (unsigned char*)rs_malloc(item->data_size) ;
if(dat == NULL)
if(item->data == NULL)
{
delete item ;
return NULL ;
@ -392,9 +404,6 @@ RsGxsTunnelDataItem *RsGxsTunnelSerialiser::deserialise_RsGxsTunnelDataItem(void
memcpy(item->data,&((uint8_t*)dat)[offset],item->data_size) ;
offset += item->data_size ;
}
else
ok = false ;
if (offset != rssize)

3
libretroshare/src/libretroshare.pro
View File

@ -361,7 +361,6 @@ HEADERS += chat/distantchat.h \
HEADERS += pqi/authssl.h \
pqi/authgpg.h \
pqi/rsmemory.h \
pgp/pgphandler.h \
pgp/pgpkeyutil.h \
pgp/rsaes.h \
@ -475,6 +474,7 @@ HEADERS += turtle/p3turtle.h \
HEADERS += util/folderiterator.h \
util/rsdebug.h \
util/rsmemory.h \
util/rscompress.h \
util/smallobject.h \
util/rsdir.h \
@ -631,6 +631,7 @@ SOURCES += util/folderiterator.cc \
util/rscompress.cc \
util/smallobject.cc \
util/rsdir.cc \
util/rsmemory.cc \
util/rsdiscspace.cc \
util/rsnet.cc \
util/rsnet_ss.cc \

7
libretroshare/src/pgp/pgphandler.cc
View File

@ -26,6 +26,7 @@ extern "C" {
#include "retroshare/rspeers.h" // For rsicontrol.
#include "util/rsdir.h"
#include "util/rsdiscspace.h"
#include "util/rsmemory.h"
#include "pgp/pgpkeyutil.h"
static const uint32_t PGP_CERTIFICATE_LIMIT_MAX_NAME_SIZE = 64 ;
@ -39,7 +40,11 @@ PassphraseCallback PGPHandler::_passphrase_callback = NULL ;
ops_keyring_t *PGPHandler::allocateOPSKeyring()
{
ops_keyring_t *kr = (ops_keyring_t*)malloc(sizeof(ops_keyring_t)) ;
ops_keyring_t *kr = (ops_keyring_t*)rs_malloc(sizeof(ops_keyring_t)) ;
if(kr == NULL)
return NULL ;
kr->nkeys = 0 ;
kr->nkeys_allocated = 0 ;
kr->keys = 0 ;

38
libretroshare/src/pqi/authssl.cc
View File

@ -117,10 +117,10 @@ static struct CRYPTO_dynlock_value *dyn_create_function(const char */*file*/, in
{
struct CRYPTO_dynlock_value *value;
value = (struct CRYPTO_dynlock_value*) malloc(sizeof(struct CRYPTO_dynlock_value));
if (!value) {
value = (struct CRYPTO_dynlock_value*) rs_malloc(sizeof(struct CRYPTO_dynlock_value));
if (!value)
return NULL;
}
pthread_mutex_init(&value->mutex, NULL);
return value;
@ -166,10 +166,10 @@ static void dyn_destroy_function(struct CRYPTO_dynlock_value *l, const char */*f
bool tls_init()
{
/* static locks area */
mutex_buf = (pthread_mutex_t*) malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
if (mutex_buf == NULL) {
mutex_buf = (pthread_mutex_t*) rs_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t));
if (mutex_buf == NULL)
return false;
}
for (int i = 0; i < CRYPTO_num_locks(); i++) {
pthread_mutex_init(&mutex_buf[i], NULL);
}
@ -1259,7 +1259,11 @@ bool AuthSSLimpl::encrypt(void *&out, int &outlen, const void *in, int inlen,
int out_offset = 0;
int max_evp_key_size = EVP_PKEY_size(public_key);
ek = (unsigned char*)malloc(max_evp_key_size);
ek = (unsigned char*)rs_malloc(max_evp_key_size);
if(ek == NULL)
return false ;
const EVP_CIPHER *cipher = EVP_aes_128_cbc();
int cipher_block_size = EVP_CIPHER_block_size(cipher);
int size_net_ekl = sizeof(net_ekl);
@ -1273,8 +1277,13 @@ bool AuthSSLimpl::encrypt(void *&out, int &outlen, const void *in, int inlen,
}
// now assign memory to out accounting for data, and cipher block size, key length, and key length val
out = (unsigned char*)malloc(inlen + cipher_block_size + size_net_ekl + eklen + EVP_MAX_IV_LENGTH);
out = (unsigned char*)rs_malloc(inlen + cipher_block_size + size_net_ekl + eklen + EVP_MAX_IV_LENGTH);
if(out == NULL)
{
free(ek) ;
return false ;
}
net_ekl = htonl(eklen);
memcpy((unsigned char*)out + out_offset, &net_ekl, size_net_ekl);
out_offset += size_net_ekl;
@ -1343,6 +1352,12 @@ bool AuthSSLimpl::decrypt(void *&out, int &outlen, const void *in, int inlen)
unsigned char iv[EVP_MAX_IV_LENGTH];
int ek_mkl = EVP_PKEY_size(mOwnPrivateKey);
ek = (unsigned char*)malloc(ek_mkl);
if(ek == NULL)
{
std::cerr << "(EE) Cannot allocate memory for " << ek_mkl << " bytes in " << __PRETTY_FUNCTION__ << std::endl;
return false ;
}
EVP_CIPHER_CTX_init(&ctx);
int in_offset = 0, out_currOffset = 0;
@ -1380,8 +1395,13 @@ bool AuthSSLimpl::decrypt(void *&out, int &outlen, const void *in, int inlen)
return false;
}
out = (unsigned char*)malloc(inlen - in_offset);
out = (unsigned char*)rs_malloc(inlen - in_offset);
if(out == NULL)
{
free(ek) ;
return false ;
}
if(!EVP_OpenUpdate(&ctx, (unsigned char*) out, &out_currOffset, (unsigned char*)in + in_offset, inlen - in_offset)) {
free(ek);
free(out) ;

17
libretroshare/src/pqi/pqibin.cc
View File

@ -27,6 +27,7 @@
#include "pqi/authssl.h"
#include "util/rsnet.h"
#include "util/rsdir.h"
#include "util/rsmemory.h"
// #define DEBUG_PQIBIN
@ -314,7 +315,13 @@ BinMemInterface::BinMemInterface(int defsize, int flags)
:bin_flags(flags), buf(NULL), size(defsize),
recvsize(0), readloc(0), hash(NULL), bcount(0)
{
buf = malloc(defsize);
buf = rs_malloc(defsize);
if(buf == NULL)
{
close() ;
return ;
}
if (bin_flags & BIN_FLAGS_HASH_DATA)
{
hash = new pqihash();
@ -326,7 +333,13 @@ BinMemInterface::BinMemInterface(const void *data, const int defsize, int flags)
:bin_flags(flags), buf(NULL), size(defsize),
recvsize(0), readloc(0), hash(NULL), bcount(0)
{
buf = malloc(defsize);
buf = rs_malloc(defsize);
if(buf == NULL)
{
close() ;
return ;
}
if (bin_flags & BIN_FLAGS_HASH_DATA)
{
hash = new pqihash();

6
libretroshare/src/pqi/pqinetwork.cc
View File

@ -290,7 +290,11 @@ bool getLocalAddresses(std::list<sockaddr_storage> & addrs)
#ifdef WINDOWS_SYS
// Seems strange to me but M$ documentation suggests to allocate this way...
DWORD bf_size = 16000;
IP_ADAPTER_ADDRESSES* adapter_addresses = (IP_ADAPTER_ADDRESSES*) malloc(bf_size);
IP_ADAPTER_ADDRESSES* adapter_addresses = (IP_ADAPTER_ADDRESSES*) rs_safe_malloc(bf_size);
if(adapter_addresses == NULL)
return false ;
DWORD error = GetAdaptersAddresses(AF_UNSPEC,
GAA_FLAG_SKIP_MULTICAST |
GAA_FLAG_SKIP_DNS_SERVER |

23
libretroshare/src/pqi/pqistore.cc
View File

@ -46,6 +46,7 @@
#include <fstream>
#include "util/rsdebug.h"
#include "util/rsmemory.h"
#include "util/rsstring.h"
//
@ -194,7 +195,12 @@ int pqistore::writePkt(RsItem *pqi)
#endif
uint32_t pktsize = rsSerialiser->size(pqi);
void *ptr = malloc(pktsize);
RsTemporaryMemory ptr(pktsize) ;
if(ptr == NULL)
return 0 ;
if (!(rsSerialiser->serialise(pqi, ptr, &pktsize)))
{
#ifdef PQISTORE_DEBUG
@ -203,7 +209,6 @@ int pqistore::writePkt(RsItem *pqi)
pqioutput(PQL_ALERT, pqistorezone, out);
#endif
free(ptr);
if (!(bio_flags & BIN_FLAGS_NO_DELETE))
delete pqi;
return 0;
@ -218,7 +223,6 @@ int pqistore::writePkt(RsItem *pqi)
pqi -> print_string(out);
pqioutput(PQL_ALERT, pqistorezone, out);
free(ptr);
if (!(bio_flags & BIN_FLAGS_NO_DELETE))
delete pqi;
return 0;
@ -232,7 +236,6 @@ int pqistore::writePkt(RsItem *pqi)
pqi -> print_string(out);
pqioutput(PQL_ALERT, pqistorezone, out);
free(ptr);
if (!(bio_flags & BIN_FLAGS_NO_DELETE))
delete pqi;
@ -250,7 +253,6 @@ int pqistore::writePkt(RsItem *pqi)
pqioutput(PQL_ALERT, pqistorezone, out);
#endif
free(ptr);
if (!(bio_flags & BIN_FLAGS_NO_DELETE))
delete pqi;
@ -262,7 +264,6 @@ int pqistore::writePkt(RsItem *pqi)
pqioutput(PQL_DEBUG_BASIC, pqistorezone, out);
#endif
free(ptr);
if (!(bio_flags & BIN_FLAGS_NO_DELETE))
delete pqi;
@ -288,7 +289,10 @@ int pqistore::readPkt(RsItem **item_out)
// initial read size: basic packet.
int blen = getRsPktBaseSize();
void *block = malloc(blen);
void *block = rs_malloc(blen);
if(block == NULL)
return false ;
int tmplen;
/* we have the header */
@ -495,7 +499,10 @@ int pqiSSLstore::readPkt(RsItem **item_out)
// initial read size: basic packet.
int blen = getRsPktBaseSize();
void *block = malloc(blen);
void *block = rs_malloc(blen);
if(block == NULL)
return false ;
int tmplen;
/* we have the header */

11
libretroshare/src/pqi/pqistreamer.cc
View File

@ -315,7 +315,11 @@ int pqistreamer::queue_outpqi_locked(RsItem *pqi,uint32_t& pktsize)
/* decide which type of packet it is */
pktsize = mRsSerialiser->size(pqi);
void *ptr = malloc(pktsize);
void *ptr = rs_malloc(pktsize);
if(ptr == NULL)
return 0 ;
#ifdef DEBUG_PQISTREAMER
std::cerr << "pqistreamer::queue_outpqi() serializing packet with packet size : " << pktsize << std::endl;
@ -1040,7 +1044,10 @@ void pqistreamer::allocate_rpend_locked()
return;
mPkt_rpend_size = getRsPktMaxSize();
mPkt_rpending = malloc(mPkt_rpend_size);
mPkt_rpending = rs_malloc(mPkt_rpend_size);
if(mPkt_rpending == NULL)
return ;
// avoid uninitialized (and random) memory read.
memset(mPkt_rpending,0,mPkt_rpend_size) ;

2
libretroshare/src/retroshare/rsplugin.h
View File

@ -160,7 +160,7 @@ class RsPlugin
// creates a new resource api handler object. ownership is transferred to the caller.
// the caller should supply a statetokenserver, and keep it valid until destruction
// the plugin should return a entry point name. this is to make the entry point name independent from file names
virtual resource_api::ResourceRouter* new_resource_api_handler(const RsPlugInInterfaces& ifaces, resource_api::StateTokenServer* sts, std::string &entrypoint) const { return 0;}
virtual resource_api::ResourceRouter* new_resource_api_handler(const RsPlugInInterfaces& /* ifaces */, resource_api::StateTokenServer* /* sts */, std::string & /*entrypoint*/) const { return 0;}
// Shutdown
virtual void stop() {}

8
libretroshare/src/rsserver/rsloginhandler.cc
View File

@ -273,7 +273,13 @@ bool RsLoginHandler::tryAutoLogin(const RsPeerId& ssl_id,std::string& ssl_passwd
fseek(fp, 0, SEEK_END);
datalen = ftell(fp);
fseek(fp, 0, SEEK_SET);
dataptr = (char *) malloc(datalen);
dataptr = (char *) rs_safe_malloc(datalen);
if(data_ptr == NULL)
{
fclose(fp);
return false;
}
fread(dataptr, 1, datalen, fp);
fclose(fp);

16
libretroshare/src/serialiser/rsbaseserial.cc
View File

@ -40,6 +40,7 @@ bool getRawUInt8(void *data, uint32_t size, uint32_t *offset, uint8_t *out)
/* first check there is space */
if (size < *offset + 1)
{
std::cerr << "(EE) Cannot deserialise uint8_t: not enough size." << std::endl;
return false;
}
void *buf = (void *) &(((uint8_t *) data)[*offset]);
@ -56,6 +57,7 @@ bool setRawUInt8(void *data, uint32_t size, uint32_t *offset, uint8_t in)
/* first check there is space */
if (size < *offset + 1)
{
std::cerr << "(EE) Cannot serialise uint8_t: not enough size." << std::endl;
return false;
}
@ -74,6 +76,7 @@ bool getRawUInt16(void *data, uint32_t size, uint32_t *offset, uint16_t *out)
/* first check there is space */
if (size < *offset + 2)
{
std::cerr << "(EE) Cannot deserialise uint16_t: not enough size." << std::endl;
return false;
}
void *buf = (void *) &(((uint8_t *) data)[*offset]);
@ -92,6 +95,7 @@ bool setRawUInt16(void *data, uint32_t size, uint32_t *offset, uint16_t in)
/* first check there is space */
if (size < *offset + 2)
{
std::cerr << "(EE) Cannot serialise uint16_t: not enough size." << std::endl;
return false;
}
@ -114,6 +118,7 @@ bool getRawUInt32(void *data, uint32_t size, uint32_t *offset, uint32_t *out)
/* first check there is space */
if (size < *offset + 4)
{
std::cerr << "(EE) Cannot deserialise uint32_t: not enough size." << std::endl;
return false;
}
void *buf = (void *) &(((uint8_t *) data)[*offset]);
@ -132,6 +137,7 @@ bool setRawUInt32(void *data, uint32_t size, uint32_t *offset, uint32_t in)
/* first check there is space */
if (size < *offset + 4)
{
std::cerr << "(EE) Cannot serialise uint32_t: not enough size." << std::endl;
return false;
}
@ -154,6 +160,7 @@ bool getRawUInt64(void *data, uint32_t size, uint32_t *offset, uint64_t *out)
/* first check there is space */
if (size < *offset + 8)
{
std::cerr << "(EE) Cannot deserialise uint64_t: not enough size." << std::endl;
return false;
}
void *buf = (void *) &(((uint8_t *) data)[*offset]);
@ -172,6 +179,7 @@ bool setRawUInt64(void *data, uint32_t size, uint32_t *offset, uint64_t in)
/* first check there is space */
if (size < *offset + 8)
{
std::cerr << "(EE) Cannot serialise uint64_t: not enough size." << std::endl;
return false;
}
@ -231,12 +239,13 @@ bool getRawString(void *data, uint32_t size, uint32_t *offset, std::string &outS
}
/* check there is space for string */
if (size < *offset + len)
if(len > size || size-len < *offset) // better than if(size < *offset + len) because it avoids integer overflow
{
std::cerr << "getRawString() not enough size" << std::endl;
return false;
}
uint8_t *buf = &(((uint8_t *) data)[*offset]);
for (uint32_t i = 0; i < len; i++)
{
outStr += buf[i];
@ -250,11 +259,10 @@ bool setRawString(void *data, uint32_t size, uint32_t *offset, const std::string
{
uint32_t len = inStr.length();
/* first check there is space */
if (size < *offset + 4 + len)
if(size < 4 || len > size-4 || size-len-4 < *offset) // better than if(size < *offset + len + 4) because it avoids integer overflow
{
//#ifdef RSSERIAL_DEBUG
std::cerr << "setRawString() Not enough size" << std::endl;
//#endif
return false;
}

3
libretroshare/src/serialiser/rsserial.h
View File

@ -34,6 +34,7 @@
#include <stdlib.h>
#include <stdint.h>
#include "util/rsmemory.h"
#include "retroshare/rstypes.h"
/*******************************************************************
@ -181,7 +182,7 @@ class RsRawItem: public RsItem
RsRawItem(uint32_t t, uint32_t size)
:RsItem(t), len(size)
{
data = malloc(len);
data = rs_malloc(len);
}
virtual ~RsRawItem()

7
libretroshare/src/serialiser/rstlvbinary.cc
View File

@ -24,6 +24,7 @@
*
*/
#include "util/rsmemory.h"
#include "serialiser/rstlvbinary.h"
#include "serialiser/rstlvbase.h"
@ -74,7 +75,11 @@ bool RsTlvBinaryData::setBinData(const void *data, uint32_t size)
return true;
}
bin_data = malloc(bin_len);
bin_data = rs_malloc(bin_len);
if(bin_data == NULL)
return false ;
memcpy(bin_data, data, bin_len);
return true;
}

6
libretroshare/src/services/p3gxschannels.cc
View File

@ -916,6 +916,12 @@ bool SSGxsChannelGroup::load(const std::string &input)
mAutoDownload = false;
mDownloadDirectory.clear();
if(input.empty())
{
std::cerr << "(EE) SSGxsChannelGroup::load() asked to load a null string. Weird." << std::endl;
return false ;
}
RsTemporaryMemory tmpmem(input.length());
if (1 == sscanf(input.c_str(), "D:%d", &download_val))

3
libretroshare/src/services/p3gxscommon.cc
View File

@ -98,7 +98,8 @@ void RsGxsImage::take(uint8_t *data, uint32_t size)
// NB Must make sure that we always use malloc/free for this data.
uint8_t *RsGxsImage::allocate(uint32_t size)
{
uint8_t *val = (uint8_t *) malloc(size);
uint8_t *val = (uint8_t *) rs_malloc(size);
#ifdef DEBUG_GXSCOMMON
std::cerr << "RsGxsImage()::allocate(" << (void *) val << ")";
std::cerr << std::endl;

6
libretroshare/src/services/p3photoservice.cc
View File

@ -26,7 +26,11 @@ bool RsPhotoThumbnail::copyFrom(const RsPhotoThumbnail &nail)
size = nail.size;
type = nail.type;
data = (uint8_t *) malloc(size);
data = (uint8_t *) rs_malloc(size);
if(data == NULL)
return false ;
memcpy(data, nail.data, size);
return true;

17
libretroshare/src/tcponudp/tcppacket.cc
View File

@ -36,6 +36,7 @@
#include <stdlib.h>
#include <string.h>
#include <util/rsmemory.h>
#include <iostream>
@ -79,7 +80,9 @@ TcpPacket::TcpPacket(uint8 *ptr, int size)
if (size > 0)
{
datasize = size;
data = (uint8 *) malloc(datasize);
data = (uint8 *) rs_malloc(datasize);
if(data != NULL)
memcpy(data, (void *) ptr, size);
}
return;
@ -185,7 +188,17 @@ int TcpPacket::readPacket(void *buf, int size)
free(data);
}
datasize = size - TCP_PSEUDO_HDR_SIZE;
data = (uint8 *) malloc(datasize);
if(datasize == 0) // this happens!
{
data = NULL ;
return 0 ;
}
data = (uint8 *) rs_malloc(datasize);
if(data == NULL)
return 0 ;
/* now the data */
memcpy(data, (void *) &(((uint8 *) buf)[20]), datasize);

3
libretroshare/src/tcponudp/udprelay.cc
View File

@ -26,6 +26,7 @@
#include "udprelay.h"
#include <iostream>
#include <time.h>
#include <util/rsmemory.h>
/*
* #define DEBUG_UDP_RELAY 1
@ -70,7 +71,7 @@ UdpRelayReceiver::UdpRelayReceiver(UdpPublisher *pub)
setRelayClassMax(UDP_RELAY_CLASS_GENERAL, UDP_RELAY_DEFAULT_GENERAL, UDP_RELAY_DEFAULT_BANDWIDTH);
/* only allocate this space once */
mTmpSendPkt = malloc(MAX_RELAY_UDP_PACKET_SIZE);
mTmpSendPkt = rs_malloc(MAX_RELAY_UDP_PACKET_SIZE);
mTmpSendSize = MAX_RELAY_UDP_PACKET_SIZE;
clearDataTransferred();

7
libretroshare/src/tcponudp/udpstunner.cc
View File

@ -29,6 +29,7 @@
#include "util/rsrandom.h"
#include "util/rsprint.h"
#include "util/rsmemory.h"
#include "util/rsstring.h"
static const int STUN_TTL = 64;
@ -535,7 +536,11 @@ bool UdpStun_generate_stun_pkt(void *stun_pkt, int *len)
void *UdpStun_generate_stun_reply(struct sockaddr_in *stun_addr, int *len)
{
/* just the header */
void *stun_pkt = malloc(28);
void *stun_pkt = rs_malloc(28);
if(!stun_pkt)
return NULL ;
((uint16_t *) stun_pkt)[0] = (uint16_t) htons(0x0101);
((uint16_t *) stun_pkt)[1] = (uint16_t) htons(28); /* only header + 8 byte addr */
/* transaction id - should be random */

18
libretroshare/src/turtle/rsturtleitem.cc
View File

@ -286,17 +286,17 @@ RsTurtleRegExpSearchRequestItem::RsTurtleRegExpSearchRequestItem(void *data,uint
expr._tokens.resize(n) ;
for(uint32_t i=0;i<n;++i) ok &= getRawUInt8(data,pktsize,&offset,&expr._tokens[i]) ;
for(uint32_t i=0;i<n && ok;++i) ok &= getRawUInt8(data,pktsize,&offset,&expr._tokens[i]) ;
ok &= getRawUInt32(data,pktsize,&offset,&n) ;
expr._ints.resize(n) ;
for(uint32_t i=0;i<n;++i) ok &= getRawUInt32(data,pktsize,&offset,&expr._ints[i]) ;
for(uint32_t i=0;i<n && ok;++i) ok &= getRawUInt32(data,pktsize,&offset,&expr._ints[i]) ;
ok &= getRawUInt32(data,pktsize,&offset,&n) ;
expr._strings.resize(n) ;
for(uint32_t i=0;i<n;++i) ok &= GetTlvString(data, pktsize, &offset, TLV_TYPE_STR_VALUE, expr._strings[i]);
for(uint32_t i=0;i<n && ok;++i) ok &= GetTlvString(data, pktsize, &offset, TLV_TYPE_STR_VALUE, expr._strings[i]);
#ifdef WINDOWS_SYS // No Exceptions in Windows compile. (drbobs).
UNREFERENCED_LOCAL_VARIABLE(rssize);
@ -531,6 +531,9 @@ RsTurtleGenericDataItem::RsTurtleGenericDataItem(void *data,uint32_t pktsize)
uint32_t offset = 8; // skip the header
uint32_t rssize = getRsItemSize(data);
if(rssize > pktsize)
throw std::runtime_error("RsTurtleTunnelOkItem::() wrong rssize (exceeds pktsize).") ;
/* add mandatory parts first */
bool ok = true ;
@ -540,7 +543,11 @@ RsTurtleGenericDataItem::RsTurtleGenericDataItem(void *data,uint32_t pktsize)
#ifdef P3TURTLE_DEBUG
std::cerr << " request_id=" << (void*)request_id << ", tunnel_id=" << (void*)tunnel_id << std::endl ;
#endif
data_bytes = malloc(data_size) ;
if(data_size > rssize || rssize - data_size < offset)
throw std::runtime_error("RsTurtleTunnelOkItem::() wrong data_size (exceeds rssize).") ;
data_bytes = rs_malloc(data_size) ;
if(data_bytes != NULL)
{
@ -548,10 +555,7 @@ RsTurtleGenericDataItem::RsTurtleGenericDataItem(void *data,uint32_t pktsize)
offset += data_size ;
}
else
{
std::cerr << "(EE) RsTurtleGenericDataItem: Error. Cannot allocate data for a size of " << data_size << " bytes." <<std::endl;
offset = 0 ; // generate an error
}
#ifdef WINDOWS_SYS // No Exceptions in Windows compile. (drbobs).
UNREFERENCED_LOCAL_VARIABLE(rssize);

11
libretroshare/src/util/rscompress.cc
View File

@ -30,6 +30,7 @@
#include <assert.h>
#include "rscompress.h"
#include "zlib.h"
#include "util/rsmemory.h"
// 16K buffer size.
//
@ -42,7 +43,10 @@ bool RsCompress::compress_memory_chunk(const uint8_t *input_mem,const uint32_t i
uint32_t output_offset = 0 ;
uint32_t input_offset = 0 ;
output_size = 1024 ;
output_mem = (uint8_t*)malloc(output_size) ;
output_mem = (uint8_t*)rs_malloc(output_size) ;
if(!output_mem)
return false ;
int ret, flush;
unsigned have;
@ -113,7 +117,10 @@ bool RsCompress::uncompress_memory_chunk(const uint8_t *input_mem,const uint32_t
output_size = input_size ;
uint32_t output_offset = 0 ;
uint32_t input_offset = 0 ;
output_mem = (uint8_t*)malloc(output_size) ;
output_mem = (uint8_t*)rs_malloc(output_size) ;
if(!output_mem)
return false ;
int ret;
unsigned have;

12
libretroshare/src/util/rsdir.cc
View File

@ -33,6 +33,7 @@
#include "util/rsdir.h"
#include "util/rsstring.h"
#include "util/rsrandom.h"
#include "util/rsmemory.h"
#include "retroshare/rstypes.h"
#include "rsthreads.h"
#include <iostream>
@ -267,7 +268,14 @@ bool RsDirUtil::copyFile(const std::string& source,const std::string& dest)
size_t T=0;
static const int BUFF_SIZE = 10485760 ; // 10 MB buffer to speed things up.
void *buffer = malloc(BUFF_SIZE) ;
RsTemporaryMemory buffer(BUFF_SIZE) ;
if(!buffer)
{
fclose(in) ;
fclose(out) ;
return false ;
}
bool bRet = true;
@ -286,8 +294,6 @@ bool RsDirUtil::copyFile(const std::string& source,const std::string& dest)
fclose(in) ;
fclose(out) ;
free(buffer) ;
return true ;
#endif

32
libretroshare/src/util/rsmemory.cc Normal file
View File

@ -0,0 +1,32 @@
#include "util/rsmemory.h"
void *rs_malloc(size_t size)
{
static const size_t SAFE_MEMALLOC_THRESHOLD = 1024*1024*1024 ; // 1Gb should be enough for everything!
if(size == 0)
{
std::cerr << "(EE) Memory allocation error. A chunk of size 0 was requested. Callstack:" << std::endl;
print_stacktrace() ;
return NULL ;
}
if(size > SAFE_MEMALLOC_THRESHOLD)
{
std::cerr << "(EE) Memory allocation error. A chunk of size 0 was requested. Callstack:" << std::endl;
print_stacktrace() ;
return NULL ;
}
void *mem = malloc(size) ;
if(mem == NULL)
{
std::cerr << "(EE) Memory allocation error for a chunk of " << size << " bytes. Callstack:" << std::endl;
print_stacktrace() ;
return NULL ;
}
return mem ;
}

8
libretroshare/src/util/rsmemory.h
View File

@ -1,6 +1,10 @@
#pragma once
#include <stdlib.h>
#include <iostream>
#include <util/stacktrace.h>
void *rs_malloc(size_t size) ;
// This is a scope guard to release the memory block when going of of the current scope.
// Can be very useful to auto-delete some memory on quit without the need to call free each time.
@ -24,7 +28,7 @@ class RsTemporaryMemory
public:
RsTemporaryMemory(size_t s)
{
_mem = (unsigned char *)malloc(s) ;
_mem = (unsigned char *)rs_malloc(s) ;
if(_mem)
_size = s ;
@ -53,5 +57,3 @@ private:
RsTemporaryMemory& operator=(const RsTemporaryMemory&) { return *this ;}
RsTemporaryMemory(const RsTemporaryMemory&) {}
};

18
libretroshare/src/util/rsrecogn.cc
View File

@ -145,7 +145,12 @@ bool RsRecogn::loadSigningKeys(std::map<RsGxsId, RsGxsRecognSignerItem *> &signM
/* store in */
uint32_t datalen = recognSerialiser.size(item);
uint8_t *data = (uint8_t *) malloc(datalen);
RsTemporaryMemory data(datalen) ;
if(!data)
return false ;
uint32_t pktlen = datalen;
int signOk = 0;
@ -181,8 +186,6 @@ bool RsRecogn::loadSigningKeys(std::map<RsGxsId, RsGxsRecognSignerItem *> &signM
#endif // DEBUG_RECOGN
delete item;
}
free(data);
}
/* clean up */
@ -233,7 +236,12 @@ bool RsRecogn::validateTagSignature(RsGxsRecognSignerItem *signer, RsGxsRecognTa
RsGxsRecognSerialiser serialiser;
uint32_t datalen = serialiser.size(item);
uint8_t *data = (uint8_t *) malloc(datalen);
RsTemporaryMemory data(datalen) ;
if(!data)
return false ;
int signOk = 0;
uint32_t pktlen = datalen;
@ -263,8 +271,6 @@ bool RsRecogn::validateTagSignature(RsGxsRecognSignerItem *signer, RsGxsRecognTa
EVP_MD_CTX_destroy(mdctx);
EVP_PKEY_free(signKey);
free(data);
return (signOk == 1);
}

3
libretroshare/src/util/smallobject.cc
View File

@ -1,6 +1,7 @@
#include <iostream>
#include "smallobject.h"
#include "util/rsthreads.h"
#include "util/rsmemory.h"
using namespace RsMemoryManagement ;
@ -206,7 +207,7 @@ SmallObjectAllocator::~SmallObjectAllocator()
void *SmallObjectAllocator::allocate(size_t bytes)
{
if(bytes > _maxObjectSize)
return malloc(bytes) ;
return rs_malloc(bytes) ;
else if(_lastAlloc != NULL && _lastAlloc->blockSize() == bytes)
return _lastAlloc->allocate() ;
else

7
openpgpsdk/src/openpgpsdk/util.c
View File

@ -114,13 +114,16 @@ void ops_finish(void)
\note Should be freed after use with free().
*/
void *ops_mallocz(size_t n)
{
{
void *m=malloc(n);
if(m == NULL)
fprintf(stderr,"(EE) Cannot allocate %d bytes of memory in %s\n",n,__PRETTY_FUNCTION__) ;
else
memset(m,'\0',n);
return m;
}
}
typedef struct
{

7
plugins/VOIP/gui/SpeexProcessor.cpp
View File

@ -1,5 +1,6 @@
#include "SpeexProcessor.h"
#include <util/rsmemory.h>
#include <speex/speex.h>
#include <speex/speex_preprocess.h>
@ -350,7 +351,11 @@ void SpeexOutputProcessor::putNetworkPacket(QString name, QByteArray packet) {
if (userJitterHash.contains(name)) {
userJitter = userJitterHash.value(name);
} else {
userJitter = (SpeexJitter*)malloc(sizeof(SpeexJitter));
userJitter = (SpeexJitter*)rs_malloc(sizeof(SpeexJitter));
if(!userJitter)
return ;
speex_jitter_init(userJitter, speex_decoder_init(&speex_wb_mode), SAMPLING_RATE);
int on = 1;
speex_decoder_ctl(userJitter->dec, SPEEX_SET_ENH, &on);

13
plugins/VOIP/gui/VideoProcessor.cpp
View File

@ -10,6 +10,8 @@
#include <QBuffer>
#include <QImage>
#include "util/rsmemory.h"
#include "VideoProcessor.h"
#include "QVideoDevice.h"
@ -384,7 +386,10 @@ bool JPEGVideo::encodeData(const QImage& image,uint32_t /* size_hint */,RsVOIPDa
buffer.open(QIODevice::WriteOnly) ;
encoded_frame.save(&buffer,"JPEG") ;
voip_chunk.data = malloc(HEADER_SIZE + qb.size());
voip_chunk.data = rs_malloc(HEADER_SIZE + qb.size());
if(!voip_chunk.data)
return false ;
// build header
uint32_t flags = differential_frame ? JPEG_VIDEO_FLAGS_DIFFERENTIAL_FRAME : 0x0 ;
@ -679,7 +684,11 @@ bool FFmpegVideo::encodeData(const QImage& image, uint32_t target_encoding_bitra
if(got_output)
{
voip_chunk.data = malloc(pkt.size + HEADER_SIZE) ;
voip_chunk.data = rs_malloc(pkt.size + HEADER_SIZE) ;
if(!voip_chunk.data)
return false ;
uint32_t flags = 0;
((unsigned char *)voip_chunk.data)[0] = VideoProcessor::VIDEO_PROCESSOR_CODEC_ID_MPEG_VIDEO & 0xff ;

11
plugins/VOIP/services/p3VOIP.cc
View File

@ -280,11 +280,10 @@ int p3VOIP::sendVoipData(const RsPeerId& peer_id,const RsVOIPDataChunk& chunk)
std::cerr << "Cannot allocate RsVOIPDataItem !" << std::endl;
return false ;
}
item->voip_data = malloc(chunk.size) ;
item->voip_data = rs_malloc(chunk.size) ;
if(item->voip_data == NULL)
{
std::cerr << "Cannot allocate RsVOIPDataItem.voip_data of size " << chunk.size << " !" << std::endl;
delete item ;
return false ;
}
@ -432,7 +431,13 @@ bool p3VOIP::getIncomingData(const RsPeerId& peer_id,std::vector<RsVOIPDataChunk
{
RsVOIPDataChunk chunk ;
chunk.size = (*it2)->data_size ;
chunk.data = malloc((*it2)->data_size) ;
chunk.data = rs_malloc((*it2)->data_size) ;
if(chunk.data == NULL)
{
delete *it2 ;
continue ;
}
uint32_t type_flags = (*it2)->flags & (RS_VOIP_FLAGS_AUDIO_DATA | RS_VOIP_FLAGS_VIDEO_DATA) ;
if(type_flags == RS_VOIP_FLAGS_AUDIO_DATA)

9
plugins/VOIP/services/rsVOIPItems.cc
View File

@ -447,7 +447,14 @@ RsVOIPDataItem::RsVOIPDataItem(void *data, uint32_t pktsize)
ok &= getRawUInt32(data, rssize, &offset, &flags);
ok &= getRawUInt32(data, rssize, &offset, &data_size);
voip_data = malloc(data_size) ;
if(data_size > rssize || rssize - data_size < offset)
throw std::runtime_error("Not enough space.") ;
voip_data = rs_malloc(data_size) ;
if(!voip_data)
throw std::runtime_error("Serialization error.") ;
memcpy(voip_data,&((uint8_t*)data)[offset],data_size) ;
offset += data_size ;

22
retroshare-gui/src/gui/common/RSTextBrowser.cpp
View File

@ -1,3 +1,5 @@
#include <iostream>
#include <QDesktopServices>
#include <QPainter>
@ -72,13 +74,23 @@ void RSTextBrowser::paintEvent(QPaintEvent *event)
QVariant RSTextBrowser::loadResource(int type, const QUrl &name)
{
if (mShowImages || type != QTextDocument::ImageResource || name.scheme().compare("data", Qt::CaseInsensitive) != 0) {
return QTextBrowser::loadResource(type, name);
}
// case 1: always trust the image if it comes from an internal resource
if (mImageBlockWidget) {
if(name.scheme().compare("qrc",Qt::CaseInsensitive)==0 && type == QTextDocument::ImageResource)
return QTextBrowser::loadResource(type, name);
// case 2: only display if the user allows it. Data resources can be bad (svg bombs) but we filter them out globally at the network layer.
// It would be good to add here a home-made resource loader that only loads images and not svg crap, just in case.
if(name.scheme().compare("data",Qt::CaseInsensitive)==0 && mShowImages)
return QTextBrowser::loadResource(type, name);
// case 3: otherwise, do not display
std::cerr << "TEXTBROWSER: refusing load ressource request: type=" << type << " scheme=" << name.scheme().toStdString() << ", url=" << name.toString().toStdString() << std::endl;
if (mImageBlockWidget)
mImageBlockWidget->show();
}
return QPixmap(":/trolltech/styles/commonstyle/images/file-16.png");
}

3
retroshare-gui/src/gui/gxsforums/GxsForumThreadWidget.cpp
View File

@ -213,6 +213,8 @@ GxsForumThreadWidget::GxsForumThreadWidget(const RsGxsGroupId &forumId, QWidget
ui->line_2->hide() ;
ui->by_text_label->hide() ;
ui->by_label->hide() ;
ui->postText->setImageBlockWidget(ui->imageBlockWidget);
ui->postText->resetImagesStatus(Settings->getForumLoadEmbeddedImages()) ;
ui->subscribeToolButton->setToolTip(tr("<p>Subscribing to the forum will gather \
available posts from your subscribed friends, and make the \
@ -590,6 +592,7 @@ void GxsForumThreadWidget::changedThread()
if (mFillThread) {
return;
}
ui->postText->resetImagesStatus(Settings->getForumLoadEmbeddedImages()) ;
insertMessage();
}

37
retroshare-gui/src/gui/gxsforums/GxsForumThreadWidget.ui
View File

@ -6,17 +6,14 @@
<rect>
<x>0</x>
<y>0</y>
<width>622</width>
<height>412</height>
<width>851</width>
<height>721</height>
</rect>
</property>
<property name="windowTitle">
<string>Form</string>
</property>
<layout class="QVBoxLayout" name="verticalLayout">
<property name="margin">
<number>0</number>
</property>
<layout class="QVBoxLayout" name="verticalLayout_3">
<item>
<widget class="QSplitter" name="threadSplitter">
<property name="orientation">
@ -117,6 +114,12 @@
<property name="sizeType">
<enum>QSizePolicy::MinimumExpanding</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>0</width>
<height>0</height>
</size>
</property>
</spacer>
</item>
<item>
@ -446,6 +449,19 @@
</item>
</layout>
</widget>
<widget class="QWidget" name="">
<layout class="QVBoxLayout" name="verticalLayout">
<item>
<widget class="RSImageBlockWidget" name="imageBlockWidget" native="true">
<property name="sizePolicy">
<sizepolicy hsizetype="Preferred" vsizetype="Maximum">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
</widget>
</item>
<item>
<widget class="RSTextBrowser" name="postText">
<property name="sizePolicy">
<sizepolicy hsizetype="Expanding" vsizetype="Expanding">
@ -457,6 +473,9 @@
<enum>Qt::CustomContextMenu</enum>
</property>
</widget>
</item>
</layout>
</widget>
</widget>
</item>
</layout>
@ -502,6 +521,12 @@
<header location="global">gui/common/ElidedLabel.h</header>
<container>1</container>
</customwidget>
<customwidget>
<class>RSImageBlockWidget</class>
<extends>QWidget</extends>
<header>gui/common/RSImageBlockWidget.h</header>
<container>1</container>
</customwidget>
</customwidgets>
<resources>
<include location="../images.qrc"/>

18
retroshare-gui/src/gui/notifyqt.cpp
View File

@ -151,11 +151,25 @@ class SignatureEventData
{
// We need a new memory chnk because there's no guarranty _sign nor _signlen are not in the stack
sign = (unsigned char *)malloc(_signlen) ;
sign = (unsigned char *)rs_malloc(_signlen) ;
if(!sign)
{
signlen = NULL ;
signature_result = SELF_SIGNATURE_RESULT_FAILED ;
return ;
}
signlen = new unsigned int ;
*signlen = _signlen ;
signature_result = SELF_SIGNATURE_RESULT_PENDING ;
data = malloc(_len) ;
data = rs_malloc(_len) ;
if(!data)
{
len = 0 ;
return ;
}
len = _len ;
memcpy(data,_data,len) ;
}