From: Tomas Mraz
Date: Wed, 28 Jun 2023 14:46:00 +0000 (+0200)
Subject: Cleanse data in send and receive ring buffers on release
X-Git-Tag: openssl-3.2.0-alpha1~539
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=292c9df2662b6bd54fea233964d908de5c63db7a;p=thirdparty%2Fopenssl.git
Cleanse data in send and receive ring buffers on release
Reviewed-by: Matt Caswell
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/21311)
---
diff --git a/include/internal/ring_buf.h b/include/internal/ring_buf.h
index 69b8df2aa83..1d70439278b 100644
--- a/include/internal/ring_buf.h
+++ b/include/internal/ring_buf.h
@@ -47,9 +47,12 @@ static ossl_inline int ring_buf_init(struct ring_buf *r)
 return 1;
 }
-static ossl_inline void ring_buf_destroy(struct ring_buf *r)
+static ossl_inline void ring_buf_destroy(struct ring_buf *r, int cleanse)
 {
- OPENSSL_free(r->start);
+ if (cleanse)
+ OPENSSL_clear_free(r->start, r->alloc);
+ else
+ OPENSSL_free(r->start);
 r->start = NULL;
 r->alloc = 0;
 }
@@ -213,7 +216,8 @@ static ossl_inline void ring_buf_cpop_range(struct ring_buf *r,
 r->head_offset = r->ctail_offset;
 }
-static ossl_inline int ring_buf_resize(struct ring_buf *r, size_t num_bytes)
+static ossl_inline int ring_buf_resize(struct ring_buf *r, size_t num_bytes,
+ int cleanse)
 {
 struct ring_buf rnew = {0};
 const unsigned char *src = NULL;
@@ -251,9 +255,9 @@ static ossl_inline int ring_buf_resize(struct ring_buf *r, size_t num_bytes)
 }
 assert(rnew.head_offset == r->head_offset);
- rnew.ctail_offset = r->ctail_offset;
+ rnew.ctail_offset = r->ctail_offset;
- OPENSSL_free(r->start);
+ ring_buf_destroy(r, cleanse);
 memcpy(r, &rnew, sizeof(*r));
 return 1;
 }
diff --git a/ssl/quic/quic_rstream.c b/ssl/quic/quic_rstream.c
index 80970b084f4..0b3c8706615 100644
--- a/ssl/quic/quic_rstream.c
+++ b/ssl/quic/quic_rstream.c
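Review bot: The new `cleanse` parameter of ring_buf_destroy() in include/internal/ring_buf.h has no comment saying what it means or when a caller is expected to set it. A one-line header such as `/* If cleanse is non-zero, all r->alloc bytes are zeroed via OPENSSL_clear_free() before the buffer is freed. */` would make the contract explicit. The same flag is added to ring_buf_resize() in the next hunk and deserves a matching line there.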
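Review bot: In ring_buf_resize() only the success path at the end of the function now releases the old buffer through `ring_buf_destroy(r, cleanse);`. The body between the second and third hunks is not shown here. If its failure paths release `rnew.start` with a plain OPENSSL_free(), a partially filled copy of the stream data would be freed without being wiped even when `cleanse` is set. In that case those early returns should call `ring_buf_destroy(&rnew, cleanse);` too, so the flag covers every buffer that has held the data.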
@@ -30,7 +30,7 @@ QUIC_RSTREAM *ossl_quic_rstream_new(QUIC_RXFC *rxfc,
 return NULL;
 ring_buf_init(&ret->rbuf);
- if (!ring_buf_resize(&ret->rbuf, rbuf_size)) {
+ if (!ring_buf_resize(&ret->rbuf, rbuf_size, 0)) {
 OPENSSL_free(ret);
 return NULL;
 }
@@ -43,11 +43,14 @@ QUIC_RSTREAM *ossl_quic_rstream_new(QUIC_RXFC *rxfc,
 void ossl_quic_rstream_free(QUIC_RSTREAM *qrs)
 {
+ int cleanse;
+
 if (qrs == NULL)
 return;
+ cleanse = qrs->fl.cleanse;
 ossl_sframe_list_destroy(&qrs->fl);
- ring_buf_destroy(&qrs->rbuf);
+ ring_buf_destroy(&qrs->rbuf, cleanse);
 OPENSSL_free(qrs);
 }
@@ -281,7 +284,7 @@ int ossl_quic_rstream_resize_rbuf(QUIC_RSTREAM *qrs, size_t rbuf_size)
 if (ossl_sframe_list_is_head_locked(&qrs->fl))
 return 0;
- if (!ring_buf_resize(&qrs->rbuf, rbuf_size))
+ if (!ring_buf_resize(&qrs->rbuf, rbuf_size, qrs->fl.cleanse))
 return 0;
 return 1;
diff --git a/ssl/quic/quic_sstream.c b/ssl/quic/quic_sstream.c
index a4bf7b025d5..b6cf311cfc6 100644
--- a/ssl/quic/quic_sstream.c
+++ b/ssl/quic/quic_sstream.c
@@ -66,8 +66,8 @@ QUIC_SSTREAM *ossl_quic_sstream_new(size_t init_buf_size)
 return NULL;
 ring_buf_init(&qss->ring_buf);
- if (!ring_buf_resize(&qss->ring_buf, init_buf_size)) {
- ring_buf_destroy(&qss->ring_buf);
+ if (!ring_buf_resize(&qss->ring_buf, init_buf_size, 0)) {
+ ring_buf_destroy(&qss->ring_buf, 0);
 OPENSSL_free(qss);
 return NULL;
 }
@@ -84,7 +84,7 @@ void ossl_quic_sstream_free(QUIC_SSTREAM *qss)
 ossl_uint_set_destroy(&qss->new_set);
 ossl_uint_set_destroy(&qss->acked_set);
- ring_buf_destroy(&qss->ring_buf);
+ ring_buf_destroy(&qss->ring_buf, qss->cleanse);
 OPENSSL_free(qss);
 }
@@ -356,7 +356,7 @@ static void qss_cull(QUIC_SSTREAM *qss)
 int ossl_quic_sstream_set_buffer_size(QUIC_SSTREAM *qss, size_t num_bytes)
 {
- return ring_buf_resize(&qss->ring_buf, num_bytes);
+ return ring_buf_resize(&qss->ring_buf, num_bytes, qss->cleanse);
 }
 size_t ossl_quic_sstream_get_buffer_size(QUIC_SSTREAM *qss)
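Review bot: The literal `0` passed as `cleanse` in ossl_quic_rstream_new() reads as a magic value. It looks safe only because the ring buffer was initialised on the line before and holds no data yet. A comment such as `/* buffer is still empty, nothing to cleanse */` would keep the pattern from being copied to a path where data is present. The same applies to the `ring_buf_resize(..., 0)` and `ring_buf_destroy(..., 0)` calls in ossl_quic_sstream_new() in ssl/quic/quic_sstream.c.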
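Review bot: In ossl_quic_rstream_free() the flag is copied into a local before `ossl_sframe_list_destroy(&qrs->fl)` runs, but no comment explains the ordering, so a later cleanup could easily undo it. I would add `/* read before fl is destroyed: the flag is stored in the frame list */` above the assignment. Whether the destroy call actually invalidates the field is not visible in this hunk. The receive side also takes the setting from `qrs->fl.cleanse` while the send side uses `qss->cleanse`, so a sentence in each struct's documentation saying where the flag lives would help anyone auditing which buffers get wiped.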