You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@commons.apache.org by sd...@apache.org on 2016/06/29 05:53:29 UTC

[1/2] commons-crypto git commit: CRYPTO-89: more robust native code to eliminate memory leak

Repository: commons-crypto
Updated Branches:
  refs/heads/master 4a3baba53 -> 9e7f040b1


CRYPTO-89: more robust native code to eliminate memory leak


Project: http://git-wip-us.apache.org/repos/asf/commons-crypto/repo
Commit: http://git-wip-us.apache.org/repos/asf/commons-crypto/commit/800c831a
Tree: http://git-wip-us.apache.org/repos/asf/commons-crypto/tree/800c831a
Diff: http://git-wip-us.apache.org/repos/asf/commons-crypto/diff/800c831a

Branch: refs/heads/master
Commit: 800c831ac90e17e214484e5e761df3ee1212a9fc
Parents: 169c76e
Author: Xianda Ke <xi...@intel.com>
Authored: Thu Jun 23 14:20:46 2016 +0800
Committer: Xianda Ke <xi...@intel.com>
Committed: Sun Jun 26 17:39:04 2016 +0800

----------------------------------------------------------------------
 .../commons/crypto/cipher/OpensslNative.c       | 72 +++++++++++++-------
 1 file changed, 49 insertions(+), 23 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/commons-crypto/blob/800c831a/src/main/native/org/apache/commons/crypto/cipher/OpensslNative.c
----------------------------------------------------------------------
diff --git a/src/main/native/org/apache/commons/crypto/cipher/OpensslNative.c b/src/main/native/org/apache/commons/crypto/cipher/OpensslNative.c
index 987af95..f409011 100644
--- a/src/main/native/org/apache/commons/crypto/cipher/OpensslNative.c
+++ b/src/main/native/org/apache/commons/crypto/cipher/OpensslNative.c
@@ -247,6 +247,11 @@ JNIEXPORT jlong JNICALL Java_org_apache_commons_crypto_cipher_OpensslNative_init
     (JNIEnv *env, jclass clazz, jlong ctx, jint mode, jint alg, jint padding,
     jbyteArray key, jbyteArray iv)
 {
+  jlong result = 0L;
+  EVP_CIPHER_CTX *context = CONTEXT(ctx);
+
+  jbyte *jKey = NULL;
+  jbyte *jIv  = NULL;
   int jKeyLen = (*env)->GetArrayLength(env, key);
   int jIvLen = (*env)->GetArrayLength(env, iv);
   if (jKeyLen != KEY_LENGTH_128 && jKeyLen != KEY_LENGTH_192
@@ -254,14 +259,13 @@ JNIEXPORT jlong JNICALL Java_org_apache_commons_crypto_cipher_OpensslNative_init
     char str[64] = {0};
     snprintf(str, sizeof(str), "Invalid AES key length: %d bytes", jKeyLen);
     THROW(env, "java/security/InvalidKeyException", str);
-    return (jlong)0;
+    goto cleanup;
   }
   if (jIvLen != IV_LENGTH) {
     THROW(env, "java/security/InvalidAlgorithmParameterException", "Wrong IV length: must be 16 bytes long");
-    return (jlong)0;
+    goto cleanup;
   }
 
-  EVP_CIPHER_CTX *context = CONTEXT(ctx);
   if (context == 0) {
     // Create and initialize a EVP_CIPHER_CTX
     context = dlsym_EVP_CIPHER_CTX_new();
@@ -271,31 +275,27 @@ JNIEXPORT jlong JNICALL Java_org_apache_commons_crypto_cipher_OpensslNative_init
     }
   }
 
-  jbyte *jKey = (*env)->GetByteArrayElements(env, key, NULL);
+  jKey = (*env)->GetByteArrayElements(env, key, NULL);
   if (jKey == NULL) {
     THROW(env, "java/lang/InternalError", "Cannot get bytes array for key.");
-    return (jlong)0;
+    goto cleanup;
   }
-  jbyte *jIv = (*env)->GetByteArrayElements(env, iv, NULL);
+  jIv = (*env)->GetByteArrayElements(env, iv, NULL);
   if (jIv == NULL) {
-    (*env)->ReleaseByteArrayElements(env, key, jKey, 0);
     THROW(env, "java/lang/InternalError", "Cannot get bytes array for iv.");
-    return (jlong)0;
+    goto cleanup;
   }
 
   if (!(alg == AES_CTR || alg == AES_CBC)) {
     THROW(env, "java/security/NoSuchAlgorithmException", "The algorithm is not supported.");
-    return (jlong)0;
+    goto cleanup;
   }
 
   int rc = dlsym_EVP_CipherInit_ex(context, getEvpCipher(alg, jKeyLen),  \
       NULL, (unsigned char *)jKey, (unsigned char *)jIv, mode == ENCRYPT_MODE);
-  (*env)->ReleaseByteArrayElements(env, key, jKey, 0);
-  (*env)->ReleaseByteArrayElements(env, iv, jIv, 0);
   if (rc == 0) {
-    dlsym_EVP_CIPHER_CTX_cleanup(context);
     THROW(env, "java/lang/InternalError", "Error in EVP_CipherInit_ex.");
-    return (jlong)0;
+    goto cleanup;
   }
 
   if (padding == NOPADDING) {
@@ -304,7 +304,25 @@ JNIEXPORT jlong JNICALL Java_org_apache_commons_crypto_cipher_OpensslNative_init
     dlsym_EVP_CIPHER_CTX_set_padding(context, 1);
   }
 
-  return JLONG(context);
+  // everything is OK,
+  result = JLONG(context);
+
+cleanup:
+  if (result == 0 && context != NULL) {
+    if (CONTEXT(ctx) != NULL) {
+      dlsym_EVP_CIPHER_CTX_cleanup(context);
+    } else {
+      dlsym_EVP_CIPHER_CTX_free(context);
+    }
+  }
+  if (jKey != NULL) {
+    (*env)->ReleaseByteArrayElements(env, key, jKey, 0);
+  }
+  if (jIv != NULL) {
+    (*env)->ReleaseByteArrayElements(env, iv, jIv, 0);
+  }
+
+  return result;
 }
 
 // https://www.openssl.org/docs/crypto/EVP_EncryptInit.html
@@ -371,25 +389,33 @@ JNIEXPORT jint JNICALL Java_org_apache_commons_crypto_cipher_OpensslNative_updat
         "Output buffer is not sufficient.");
     return 0;
   }
-  unsigned char *input_bytes = (unsigned char *) (*env)->GetByteArrayElements(env, input, 0);
-  unsigned char *output_bytes = (unsigned char *) (*env)->GetByteArrayElements(env, output, 0);
+  unsigned char *input_bytes = NULL;
+  unsigned char *output_bytes = NULL;
+  int output_len = 0;
+
+  input_bytes = (unsigned char *) (*env)->GetByteArrayElements(env, input, 0);
+  output_bytes = (unsigned char *) (*env)->GetByteArrayElements(env, output, 0);
   if (input_bytes == NULL || output_bytes == NULL) {
     THROW(env, "java/lang/InternalError", "Cannot get buffer address.");
-    return 0;
+    goto cleanup;
   }
 
-  int output_len = 0;
   int rc = dlsym_EVP_CipherUpdate(context, output_bytes + output_offset, &output_len,  \
       input_bytes + input_offset, input_len);
-
-  (*env)->ReleaseByteArrayElements(env, input, (jbyte *) input_bytes, 0);
-  (*env)->ReleaseByteArrayElements(env, output, (jbyte *) output_bytes, 0);
-
   if (rc == 0) {
     dlsym_EVP_CIPHER_CTX_cleanup(context);
     THROW(env, "java/lang/InternalError", "Error in EVP_CipherUpdate.");
-    return 0;
+    output_len = 0;
   }
+
+cleanup:
+  if (input_bytes != NULL) {
+    (*env)->ReleaseByteArrayElements(env, input, (jbyte *) input_bytes, 0);
+  }
+  if (output_bytes != NULL) {
+    (*env)->ReleaseByteArrayElements(env, output, (jbyte *) output_bytes, 0);
+  }
+
   return output_len;
 }

[2/2] commons-crypto git commit: Merge branch 'CRYPTO-89: More robust native code to eliminate memory leak '

Posted by sd...@apache.org.

Merge branch 'CRYPTO-89: More robust native code to eliminate memory leak '


Project: http://git-wip-us.apache.org/repos/asf/commons-crypto/repo
Commit: http://git-wip-us.apache.org/repos/asf/commons-crypto/commit/9e7f040b
Tree: http://git-wip-us.apache.org/repos/asf/commons-crypto/tree/9e7f040b
Diff: http://git-wip-us.apache.org/repos/asf/commons-crypto/diff/9e7f040b

Branch: refs/heads/master
Commit: 9e7f040b139f65ac133976e0d5c96cf963fbb226
Parents: 4a3baba 800c831
Author: Sun Dapeng <sd...@apache.org>
Authored: Wed Jun 29 13:45:29 2016 +0800
Committer: Sun Dapeng <sd...@apache.org>
Committed: Wed Jun 29 13:45:29 2016 +0800

----------------------------------------------------------------------
 .../commons/crypto/cipher/OpensslNative.c       | 72 +++++++++++++-------
 1 file changed, 49 insertions(+), 23 deletions(-)
----------------------------------------------------------------------