Fixed #6930: Segfault when calling crypto functions

2025-02-02 10:00:38 +01:00 · 2021-08-25 18:04:22 +03:00 · 2021-08-25 18:04:22 +03:00 · 2546af4ee2
commit 2546af4ee2
parent a1104686b4
11 changed files with 30 additions and 12 deletions
--- a/lang_helpers/gds_codes.pas
+++ b/lang_helpers/gds_codes.pas
@ -1957,6 +1957,8 @@ const
 	gds_tom_key_length                   = 335545274;
 	isc_inf_invalid_args                 = 335545275;
 	gds_inf_invalid_args                 = 335545275;
+	isc_tom_bad_param                    = 335545276;
+	gds_tom_bad_param                    = 335545276;
 	isc_gfix_db_name                     = 335740929;
 	gds_gfix_db_name                     = 335740929;
 	isc_gfix_invalid_sw                  = 335740930;
--- a/src/include/gen/Firebird.pas
+++ b/src/include/gen/Firebird.pas
@ -5134,6 +5134,7 @@ const
 	isc_block_size                       = 335545273;
 	isc_tom_key_length                   = 335545274;
 	isc_inf_invalid_args                 = 335545275;
+	isc_tom_bad_param                    = 335545276;
 	isc_gfix_db_name                     = 335740929;
 	isc_gfix_invalid_sw                  = 335740930;
 	isc_gfix_incmp_sw                    = 335740932;
--- a/src/include/gen/codetext.h
+++ b/src/include/gen/codetext.h
@ -977,6 +977,7 @@ static const struct {
 	{"block_size", 335545273},
 	{"tom_key_length", 335545274},
 	{"inf_invalid_args", 335545275},
+	{"tom_bad_param", 335545276},
 	{"gfix_db_name", 335740929},
 	{"gfix_invalid_sw", 335740930},
 	{"gfix_incmp_sw", 335740932},
--- a/src/include/gen/iberror.h
+++ b/src/include/gen/iberror.h
@ -1011,6 +1011,7 @@ const ISC_STATUS isc_ses_reset_failed                 = 335545272L;
 const ISC_STATUS isc_block_size                       = 335545273L;
 const ISC_STATUS isc_tom_key_length                   = 335545274L;
 const ISC_STATUS isc_inf_invalid_args                 = 335545275L;
+const ISC_STATUS isc_tom_bad_param                    = 335545276L;
 const ISC_STATUS isc_gfix_db_name                     = 335740929L;
 const ISC_STATUS isc_gfix_invalid_sw                  = 335740930L;
 const ISC_STATUS isc_gfix_incmp_sw                    = 335740932L;
@ -1503,7 +1504,7 @@ const ISC_STATUS isc_trace_switch_user_only           = 337182757L;
 const ISC_STATUS isc_trace_switch_param_miss          = 337182758L;
 const ISC_STATUS isc_trace_param_act_notcompat        = 337182759L;
 const ISC_STATUS isc_trace_mandatory_switch_miss      = 337182760L;
-const ISC_STATUS isc_err_max                          = 1447;
+const ISC_STATUS isc_err_max                          = 1448;

 #else /* c definitions */

@ -2484,6 +2485,7 @@ const ISC_STATUS isc_err_max                          = 1447;
 #define isc_block_size                       335545273L
 #define isc_tom_key_length                   335545274L
 #define isc_inf_invalid_args                 335545275L
+#define isc_tom_bad_param                    335545276L
 #define isc_gfix_db_name                     335740929L
 #define isc_gfix_invalid_sw                  335740930L
 #define isc_gfix_incmp_sw                    335740932L
@ -2976,7 +2978,7 @@ const ISC_STATUS isc_err_max                          = 1447;
 #define isc_trace_switch_param_miss          337182758L
 #define isc_trace_param_act_notcompat        337182759L
 #define isc_trace_mandatory_switch_miss      337182760L
-#define isc_err_max                          1447
+#define isc_err_max                          1448

 #endif

--- a/src/include/gen/msgs.h
+++ b/src/include/gen/msgs.h
@ -980,6 +980,7 @@ Data source : @4"},		/* eds_statement */
 	{335545273, "File size is less than expected"},		/* block_size */
 	{335545274, "Invalid key length @1, need >@2"},		/* tom_key_length */
 	{335545275, "Invalid information arguments"},		/* inf_invalid_args */
+	{335545276, "Empty or NULL parameter @1 is not accepted"},		/* tom_bad_param */
 	{335740929, "data base file name (@1) already given"},		/* gfix_db_name */
 	{335740930, "invalid switch @1"},		/* gfix_invalid_sw */
 	{335740932, "incompatible switch combination"},		/* gfix_incmp_sw */
--- a/src/include/gen/sql_code.h
+++ b/src/include/gen/sql_code.h
@ -976,6 +976,7 @@ static const struct {
 	{335545273, -902}, /* 953 block_size */
 	{335545274, -901}, /* 954 tom_key_length */
 	{335545275, -901}, /* 955 inf_invalid_args */
+	{335545276, -901}, /* 956 tom_bad_param */
 	{335740929, -901}, /*   1 gfix_db_name */
 	{335740930, -901}, /*   2 gfix_invalid_sw */
 	{335740932, -901}, /*   4 gfix_incmp_sw */
--- a/src/include/gen/sql_state.h
+++ b/src/include/gen/sql_state.h
@ -976,6 +976,7 @@ static const struct {
 	{335545273, "XX000"}, // 953 block_size
 	{335545274, "22023"}, // 954 tom_key_length
 	{335545275, "HY000"}, // 955 inf_invalid_args
+	{335545276, "22023"}, // 956 tom_bad_param
 	{335740929, "00000"}, //   1 gfix_db_name
 	{335740930, "00000"}, //   2 gfix_invalid_sw
 	{335740932, "00000"}, //   4 gfix_incmp_sw
--- a/src/jrd/SysFunction.cpp
+++ b/src/jrd/SysFunction.cpp
@ -2898,9 +2898,11 @@ private:
 class DscValue
 {
 public:
-	DscValue(thread_db* tdbb, const dsc* desc, bool forceNull = false)
+	DscValue(thread_db* tdbb, const dsc* desc, const char* objectName = nullptr)
 	{
-		if (desc->isBlob())
+		if (!desc)
+			l = 0;
+		else if (desc->isBlob())
 		{
 			AutoPtr<blb> b(blb::open(tdbb, tdbb->getRequest()->req_transaction, (bid*) desc->dsc_address));
 			if (b->blb_length > MAX_VARY_COLUMN_SIZE)
@ -2913,8 +2915,13 @@ public:
 		else
 			v = CVT_get_bytes(desc, l);

-		if (forceNull && l == 0)
+		if (l == 0)
+		{
+			if (objectName)
+				(Arg::Gds(isc_tom_bad_param) << objectName).raise();
+
 			v = nullptr;
+		}
 	}

 	unsigned getLength() const
@ -3021,7 +3028,7 @@ dsc* evlEncryptDecrypt(thread_db* tdbb, const SysFunction* function, const NestV
 	else if (modeName.hasData())
 		status_exception::raise(Arg::Gds(isc_tom_no_mode));

-	DscValue key(tdbb, dscs[CRYPT_ARG_KEY]);
+	DscValue key(tdbb, dscs[CRYPT_ARG_KEY], "crypt key");

 	DscValue iv(tdbb, dscs[CRYPT_ARG_IV]);
 	if ((m && (m->code != MODE_ECB)) || (a && (a->code != ALG_RC4)))	// all other need IV
@ -3503,11 +3510,11 @@ dsc* evlRsaEncryptDecrypt(thread_db* tdbb, const SysFunction* function, const Ne
 	if (!data.getBytes())
 		return nullptr;

-	DscValue key(tdbb, dscs[RSA_CRYPT_ARG_KEY]);
+	DscValue key(tdbb, dscs[RSA_CRYPT_ARG_KEY], "crypt key");
 	if (!key.getBytes())
 		return nullptr;

-	DscValue lParam(tdbb, dscs[RSA_CRYPT_ARG_LPARAM], true);
+	DscValue lParam(tdbb, dscs[RSA_CRYPT_ARG_LPARAM]);

 	// Run tomcrypt functions
 	rsa_key rsaKey;
@ -3587,7 +3594,7 @@ dsc* evlRsaPublic(thread_db* tdbb, const SysFunction* function, const NestValueA
 	if (request->req_flags & req_null)	// return NULL if value is NULL
 		return NULL;

-	DscValue data(tdbb, value);
+	DscValue data(tdbb, value, "private key");
 	rsa_key rsaKey;
 	tomCheck(rsa_import(data.getBytes(), data.getLength(), &rsaKey), Arg::Gds(isc_tom_rsa_import));

@ -3644,7 +3651,7 @@ dsc* evlRsaSign(thread_db* tdbb, const SysFunction* function, const NestValueArr
 	if (!data.getBytes())
 		return nullptr;

-	DscValue key(tdbb, dscs[RSA_SIGN_ARG_KEY]);
+	DscValue key(tdbb, dscs[RSA_SIGN_ARG_KEY], "private key");
 	if (!key.getBytes())
 		return nullptr;
 	rsa_key rsaKey;
@ -3716,7 +3723,7 @@ dsc* evlRsaVerify(thread_db* tdbb, const SysFunction* function, const NestValueA
 	if (!sign.getBytes())
 		return boolResult(tdbb, impure, false);

-	DscValue key(tdbb, dscs[RSA_VERIFY_ARG_KEY]);
+	DscValue key(tdbb, dscs[RSA_VERIFY_ARG_KEY], "public key");
 	if (!key.getBytes())
 		return boolResult(tdbb, impure, false);
 	rsa_key rsaKey;
--- a/src/msgs/facilities2.sql
+++ b/src/msgs/facilities2.sql
@ -1,7 +1,7 @@
 /* MAX_NUMBER is the next number to be used, always one more than the highest message number. */
 set bulk_insert INSERT INTO FACILITIES (LAST_CHANGE, FACILITY, FAC_CODE, MAX_NUMBER) VALUES (?, ?, ?, ?);
 --
-('2021-05-11 14:10:00', 'JRD', 0, 955)
+('2021-05-11 14:10:00', 'JRD', 0, 957)
 --('2015-03-17 18:33:00', 'QLI', 1, 533)
 ('2018-03-17 12:00:00', 'GFIX', 3, 136)
 ('1996-11-07 13:39:40', 'GPRE', 4, 1)
--- a/src/msgs/messages2.sql
+++ b/src/msgs/messages2.sql
@ -1063,6 +1063,7 @@ Data source : @4', NULL, NULL)
 ('block_size', NULL, 'unix.cpp', NULL, 0, 953, NULL, 'File size is less than expected', NULL, NULL);
 ('tom_key_length', NULL, 'SysFunction.cpp', NULL, 0, 954, NULL, 'Invalid key length @1, need >@2', NULL, NULL);
 ('inf_invalid_args', NULL, NULL, NULL, 0, 955, NULL, 'Invalid information arguments', NULL, NULL);
+('tom_bad_param', NULL, 'SysFunction.cpp', NULL, 0, 956, NULL, 'Empty or NULL parameter @1 is not accepted', NULL, NULL);
 -- GFIX
 ('gfix_db_name', 'ALICE_gfix', 'alice.c', NULL, 3, 1, NULL, 'data base file name (@1) already given', NULL, NULL);
 ('gfix_invalid_sw', 'ALICE_gfix', 'alice.c', NULL, 3, 2, NULL, 'invalid switch @1', NULL, NULL);
--- a/src/msgs/system_errors2.sql
+++ b/src/msgs/system_errors2.sql
@ -962,6 +962,7 @@ set bulk_insert INSERT INTO SYSTEM_ERRORS (SQL_CODE, SQL_CLASS, SQL_SUBCLASS, FA
 (-902, 'XX', '000', 0, 953, 'block_size', NULL, NULL)
 (-901, '22', '023', 0, 954, 'tom_key_length', NULL, NULL)
 (-901, 'HY', '000', 0, 955, 'inf_invalid_args', NULL, 'WARNING')
+(-901, '22', '023', 0, 956, 'tom_bad_param', NULL, NULL)
 -- GFIX
 (-901, '00', '000', 3, 1, 'gfix_db_name', NULL, NULL)
 (-901, '00', '000', 3, 2, 'gfix_invalid_sw', NULL, NULL)