Fix stack overflow bug (crustio#232)
TonyCode2012 authored Sep 24, 2020
1 parent d9d63fd commit 335f1cc
Showing 9 changed files with 415 additions and 76 deletions.
121 changes: 104 additions & 17 deletions src/enclave/identity/Identity.cpp
Expand Up @@ -748,7 +748,7 @@ void id_get_metadata(json::JSON &meta_json, bool locked /*=true*/)
meta_json = json::JSON();
goto cleanup;
}
meta_json = json::JSON::Load(std::string(reinterpret_cast<char*>(p_data + strlen(TEE_PRIVATE_TAG)), data_len));
meta_json = json::JSON::Load(p_data + strlen(TEE_PRIVATE_TAG), data_len);
if (meta_json.size() == 0)
{
goto cleanup;
Expand Down Expand Up @@ -905,28 +905,116 @@ crust_status_t id_store_metadata()
crust_status_t crust_status = CRUST_SUCCESS;
std::string hex_id_key_str = hexstring_safe(&id_key_pair, sizeof(id_key_pair));

// Calculate metadata volumn
size_t meta_len = 0;
for (auto it : wl->srd_path2hashs_m)
{
meta_len += it.second.size() * (64 + 3);
}
meta_len += wl->srd_path2hashs_m.size() * (128 + 4);
meta_len += strlen(TEE_PRIVATE_TAG) + 5
+ strlen(ID_WORKLOAD) + 5
+ strlen(ID_KEY_PAIR) + 5
+ strlen(ID_REPORT_SLOT) + 5
+ strlen(ID_CHAIN_ACCOUNT_ID) + 5
+ strlen(ID_FILE) + 5;
size_t file_item_len = strlen(FILE_HASH) + 3 + 64 + 3
+ strlen(FILE_OLD_HASH) + 3 + 64 + 3
+ strlen(FILE_SIZE) + 3 + 14 + 1
+ strlen(FILE_OLD_SIZE) + 3 + 14 + 1
+ strlen(FILE_BLOCK_NUM) + 3 + 14 + 4
+ strlen(FILE_STATUS) + 16 + 4
+ 2;
meta_len += wl->checked_files.size() * file_item_len;
uint8_t *meta_buf = (uint8_t *)enc_malloc(meta_len);
if (meta_buf == NULL)
{
return CRUST_MALLOC_FAILED;
}
memset(meta_buf, 0, meta_len);
size_t offset = 0;

// ----- Store metadata ----- //
std::string meta_str(TEE_PRIVATE_TAG);
meta_str.append("{");
memcpy(meta_buf, TEE_PRIVATE_TAG, strlen(TEE_PRIVATE_TAG));
offset += strlen(TEE_PRIVATE_TAG);
memcpy(meta_buf + offset, "{", 1);
offset += 1;
// Append srd
meta_str.append("\"").append(ID_WORKLOAD).append("\":");
wl->serialize_srd(meta_str);
meta_str.append(",");
std::string wl_title;
wl_title.append("\"").append(ID_WORKLOAD).append("\":{");
memcpy(meta_buf + offset, wl_title.c_str(), wl_title.size());
offset += wl_title.size();
size_t i = 0;
for (auto it = wl->srd_path2hashs_m.begin(); it != wl->srd_path2hashs_m.end(); it++, i++)
{
std::string path_title;
path_title.append("\"").append(it->first).append("\":[");
memcpy(meta_buf + offset, path_title.c_str(), path_title.size());
offset += path_title.size();
for (size_t j = 0; j < it->second.size(); j++)
{
std::string hash_str;
hash_str.append("\"").append(hexstring_safe(it->second[j], HASH_LENGTH)).append("\"");
memcpy(meta_buf + offset, hash_str.c_str(), hash_str.size());
offset += hash_str.size();
if (j != it->second.size() - 1)
{
memcpy(meta_buf + offset, ",", 1);
offset += 1;
}
}
memcpy(meta_buf + offset, "]", 1);
offset += 1;
if (i != wl->srd_path2hashs_m.size() - 1)
{
memcpy(meta_buf + offset, ",", 1);
offset += 1;
}
}
memcpy(meta_buf + offset, "},", 2);
offset += 2;
// Append id key pair
meta_str.append("\"").append(ID_KEY_PAIR).append("\":")
std::string key_pair_str;
key_pair_str.append("\"").append(ID_KEY_PAIR).append("\":")
.append("\"").append(hex_id_key_str).append("\",");
memcpy(meta_buf + offset, key_pair_str.c_str(), key_pair_str.size());
offset += key_pair_str.size();
// Append report slot
meta_str.append("\"").append(ID_REPORT_SLOT).append("\":")
std::string report_slot_str;
report_slot_str.append("\"").append(ID_REPORT_SLOT).append("\":")
.append("\"").append(std::to_string(report_slot)).append("\",");
memcpy(meta_buf + offset, report_slot_str.c_str(), report_slot_str.size());
offset += report_slot_str.size();
// Append chain account id
meta_str.append("\"").append(ID_CHAIN_ACCOUNT_ID).append("\":")
std::string account_id_str;
account_id_str.append("\"").append(ID_CHAIN_ACCOUNT_ID).append("\":")
.append("\"").append(g_chain_account_id).append("\",");
memcpy(meta_buf + offset, account_id_str.c_str(), account_id_str.size());
offset += account_id_str.size();
// Append files
meta_str.append("\"").append(ID_FILE).append("\":");
wl->serialize_file(meta_str);
meta_str.append("}");
std::string file_title;
file_title.append("\"").append(ID_FILE).append("\":[");
memcpy(meta_buf + offset, file_title.c_str(), file_title.size());
offset += file_title.size();
for (size_t i = 0; i < wl->checked_files.size(); i++)
{
std::string file_str = wl->checked_files[i].dump();
remove_char(file_str, '\n');
remove_char(file_str, '\\');
remove_char(file_str, ' ');
memcpy(meta_buf + offset, file_str.c_str(), file_str.size());
offset += file_str.size();
if (i != wl->checked_files.size() - 1)
{
memcpy(meta_buf + offset, ",", 1);
offset += 1;
}
}
memcpy(meta_buf + offset, "]}", 2);
offset += 2;

crust_status = persist_set(ID_METADATA, reinterpret_cast<const uint8_t *>(meta_str.c_str()), meta_str.size());
crust_status = persist_set(ID_METADATA, meta_buf, offset);
free(meta_buf);

sgx_thread_mutex_unlock(&g_metadata_mutex);

Expand Down Expand Up @@ -968,14 +1056,13 @@ crust_status_t id_restore_metadata()
log_warn("Wait for srd info, code:%lx\n", crust_status);
}
// Restore meaningful files
wl->checked_files.clear();
if (meta_json.hasKey(ID_FILE)
&& meta_json[ID_FILE].JSONType() == json::JSON::Class::Array)
{
json::JSON m_files = meta_json[ID_FILE];
for (int i = 0; i < m_files.size(); i++)
wl->checked_files.resize(meta_json[ID_FILE].size());
for (int i = 0; i < meta_json[ID_FILE].size(); i++)
{
wl->checked_files.push_back(m_files[i]);
wl->checked_files[i] = meta_json[ID_FILE][i];
}
}
// Restore id key pair
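Review bot: Nothing in id_store_metadata checks `offset` against `meta_len` before each `memcpy` into `meta_buf`, and `meta_len` is only an estimate: it counts the key names `ID_KEY_PAIR`, `ID_REPORT_SLOT` and `ID_CHAIN_ACCOUNT_ID` plus 5 bytes each but not the values `hex_id_key_str`, `std::to_string(report_slot)` or `g_chain_account_id`, it budgets 128 characters per srd path, and it assumes each `checked_files[i].dump()` fits in `file_item_len`. If any of those assumptions is exceeded, the copy writes past the enclave heap allocation, so every append should go through a bounds-checked helper as sketched below, or the length should be computed exactly from the strings that are actually written. The early `return CRUST_MALLOC_FAILED;` would also skip `sgx_thread_mutex_unlock(&g_metadata_mutex)` if the lock is taken before this hunk, which is not visible here; the function starts and ends outside the hunk.

```cpp
// … unchanged: meta_len estimation, enc_malloc and memset …
size_t offset = 0;
// Copy len bytes into meta_buf only if they fit in the remaining space.
auto append = [&](const void *src, size_t len) -> bool {
    if (len > meta_len - offset)
    {
        return false;
    }
    memcpy(meta_buf + offset, src, len);
    offset += len;
    return true;
};
// … each memcpy/offset pair becomes a checked call, for example:
if (!append(key_pair_str.c_str(), key_pair_str.size()))
{
    // free meta_buf, unlock g_metadata_mutex and return an error status
}
```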
45 changes: 7 additions & 38 deletions src/enclave/report/Report.cpp
Expand Up @@ -73,7 +73,6 @@ crust_status_t get_signed_work_report(const char *block_hash, size_t block_heigh
}
id_set_report_slot((block_height - 1)/ERA_LENGTH + 1);


Workload *wl = Workload::get_instance();
// The first report after restart will not be processed
if (id_just_after_restart())
Expand All @@ -95,41 +94,11 @@ crust_status_t get_signed_work_report(const char *block_hash, size_t block_heigh
sgx_status_t sgx_status;
// ----- Get srd info ----- //
sgx_thread_mutex_lock(&g_srd_mutex);
size_t srd_workload;
sgx_sha256_hash_t srd_root;
// Get hashs for hashing
size_t g_hashs_num = 0;
size_t srd_workload = 0;
for (auto it : wl->srd_path2hashs_m)
{
g_hashs_num += it.second.size();
}
uint8_t *hashs = (uint8_t *)enc_malloc(g_hashs_num * HASH_LENGTH);
if (hashs == NULL)
{
log_err("Malloc memory failed!\n");
return CRUST_MALLOC_FAILED;
srd_workload += it.second.size() * 1024 * 1024 * 1024;
}
size_t hashs_len = 0;
for (auto it : wl->srd_path2hashs_m)
{
for (auto g_hash : it.second)
{
memcpy(hashs + hashs_len, g_hash, HASH_LENGTH);
hashs_len += HASH_LENGTH;
}
}
// Generate srd information
if (hashs_len == 0)
{
srd_workload = 0;
memset(srd_root, 0, HASH_LENGTH);
}
else
{
srd_workload = (hashs_len / HASH_LENGTH) * 1024 * 1024 * 1024;
sgx_sha256_msg(hashs, (uint32_t)hashs_len, &srd_root);
}
free(hashs);
sgx_thread_mutex_unlock(&g_srd_mutex);

// ----- Get files info ----- //
Expand All @@ -142,14 +111,14 @@ crust_status_t get_signed_work_report(const char *block_hash, size_t block_heigh
continue;
}

if (old_files.size() != 1)
{
old_files.append(",");
}
old_files.append("{\"").append(FILE_HASH).append("\":")
.append("\"").append(wl->checked_files[i][FILE_OLD_HASH].ToString()).append("\",");
old_files.append("\"").append(FILE_SIZE).append("\":")
.append(std::to_string(wl->checked_files[i][FILE_OLD_SIZE].ToInt())).append("}");
if (i != wl->checked_files.size() - 1)
{
old_files.append(",");
}
}
sgx_thread_mutex_unlock(&g_checked_files_mutex);
old_files.append("]");
Expand Down Expand Up @@ -225,7 +194,7 @@ crust_status_t get_signed_work_report(const char *block_hash, size_t block_heigh
wr_str.append("\"").append(WORKREPORT_SIG).append("\":")
.append("\"").append(hexstring_safe(&sgx_sig, sizeof(sgx_ec256_signature_t))).append("\"");
wr_str.append("}");
store_large_data(wr_str, ocall_store_workreport, wl->ocall_wr_mutex);
store_large_data(reinterpret_cast<const uint8_t *>(wr_str.c_str()), wr_str.size(), ocall_store_workreport, wl->ocall_wr_mutex);

// Reset meaningful data
wl->set_report_flag(true);
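Review bot: The new separator test `if (i != wl->checked_files.size() - 1)` leaves a trailing comma whenever the last entries of `checked_files` are skipped by the `continue` above it, so `old_files` can end in `,]` and the report body is no longer valid JSON. The removed form avoided this by writing the separator before each emitted item; keeping `if (old_files.size() != 1) { old_files.append(","); }` ahead of the first `old_files.append("{\"")` restores that behaviour (this assumes `old_files` starts as `[`, which is set outside the hunk). Separately, `for (auto it : wl->srd_path2hashs_m)` copies every map entry, hash vector included, just to read `size()`; `const auto &it` avoids the copy. The condition guarding the `continue` and the rest of get_signed_work_report lie outside the visible lines.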