Fix bugs which could result in core dump (crustio#219)

Author: TonyCode2012

src/app/http/ApiHandler.h

@@ -346,9 +346,11 @@ void ApiHandler::http_handler(beast::string_view /*doc_root*/,
                     config_ofs.close();
                     res.body() = ret_info;
                     res.result(403);
+                    config_ofs.close();
                     goto postcleanup;
                 }
 
+                config_ofs.close();
                 ret_info = "Change karst url successfully!Will use new karst url next era!";
                 p_log->info("%s Set karst url to:%s\n", ret_info.c_str(), karst_url.c_str());
                 res.body() = ret_info;
@@ -584,6 +586,11 @@ void ApiHandler::http_handler(beast::string_view /*doc_root*/,
                 sealed_tree_map.unsafe_erase(org_root_hash_str);
             }
 
+            if (p_new_path != NULL)
+            {
+                free(p_new_path);
+            }
+
             goto postcleanup;
         }
 

src/app/include/Resource.h

@@ -10,3 +10,6 @@
 
 // For db data
 #define DB_SRD_INFO "srd_info"
+
+// For buffer pool
+#define BUFFER_AVAILABLE "buffer_available"

src/app/ocalls/OCalls.cpp

@@ -261,6 +261,7 @@ crust_status_t ocall_get_file(const char *file_path, unsigned char **p_file, siz
         ocall_file_data = (uint8_t*)realloc(ocall_file_data, ocall_file_data_len);
         if (ocall_file_data == NULL)
         {
+            in.close();
             return CRUST_MALLOC_FAILED;
         }
     }
@@ -314,6 +315,7 @@ crust_status_t ocall_get_storage_file(const char *file_path, unsigned char **p_f
         _storage_buffer = (uint8_t*)realloc(_storage_buffer, _storage_buffer_len);
         if (_storage_buffer == NULL)
         {
+            in.close();
             return CRUST_MALLOC_FAILED;
         }
     }
@@ -689,11 +691,21 @@ void ocall_store_enclave_id_info(const char *info)
 
 /**
  * @description: Store enclave workload
- * @param wl -> Workload information
+ * @param data -> Workload information
+ * @param data_size -> Workload size
  */
-void ocall_store_workload(const char *wl)
+void ocall_store_workload(const char *data, size_t data_size, bool flag /*=true*/)
 {
-    set_g_enclave_workload(wl);
+    if (flag)
+    {
+        set_g_enclave_workload(std::string(data, data_size));
+    }
+    else
+    {
+        std::string str = get_g_enclave_workload();
+        str.append(data, data_size);
+        set_g_enclave_workload(str);
+    }
 }
 
 /**

src/app/ocalls/OCalls.h

@@ -63,7 +63,7 @@ extern "C"
     void ocall_store_enclave_id_info(const char *info);
     void ocall_store_order_report(const char *p_order, size_t order_size);
     void ocall_store_identity(const char *id);
-    void ocall_store_workload(const char *wl);
+    void ocall_store_workload(const char *data, size_t data_size, bool flag = true);
     void ocall_store_workreport(const char *wr);
 
 #if defined(__cplusplus)

src/app/utils/BufferPool.cpp

@@ -1,5 +1,4 @@
 #include "BufferPool.h"
-#include "Log.h"
 
 BufferPool *BufferPool::buffer_pool = NULL;
 
@@ -34,6 +33,8 @@ BufferPool::BufferPool()
             p_log->err("Allocate persist buffer(num:%d) failed!", i);
             continue;
         }
+        memset(buf, 0, _buffer_size);
+        memcpy(buf, BUFFER_AVAILABLE, strlen(BUFFER_AVAILABLE));
         this->buffers.push_back(std::make_pair(buf, _buffer_size));
     }
 }
@@ -60,11 +61,22 @@ BufferPool::~BufferPool()
 uint8_t *BufferPool::get_buffer(size_t buf_len)
 {
     _buffer_mutex.lock();
-    cur_index++;
-    if (cur_index >= this->buffers.size())
+    int tryout = 300;
+    // Get available buffer
+    do
     {
-        cur_index = cur_index % this->buffers.size();
-    }
+        if (cur_index >= this->buffers.size())
+        {
+            cur_index = cur_index % this->buffers.size();
+        }
+        if (memcmp(this->buffers[cur_index].first, BUFFER_AVAILABLE, strlen(BUFFER_AVAILABLE)) == 0)
+        {
+            break;
+        }
+        cur_index++;
+        usleep(100000);
+    } while (tryout-- > 0);
+    // Check if buffer is enough
     if (buf_len > this->buffers[cur_index].second)
     {
         free(this->buffers[cur_index].first);

src/app/utils/BufferPool.h

@@ -6,6 +6,11 @@
 #include <vector>
 #include <string.h>
 #include <utility>
+#include <unistd.h>
+
+#include "Log.h"
+#include "Resource.h"
+#include "FormatUtils.h"
 
 class BufferPool
 {
@@ -20,8 +25,8 @@ class BufferPool
     BufferPool();
     uint32_t cur_index = 0;
     std::vector<std::pair<uint8_t*, size_t>> buffers;
-    size_t _buffer_size = 2*1024*1024;
-    uint32_t _buffer_num = 5;
+    size_t _buffer_size = 1*1024*1024;
+    uint32_t _buffer_num = 15;
 
 };
 

src/app/utils/FileUtils.cpp

@@ -293,6 +293,7 @@ std::vector<std::string> get_sub_folders_and_files(const char *path)
 
             dirs.push_back(std::string(ent->d_name));
         }
+        closedir(dir);
     }
 
     return dirs;

src/enclave/Enclave.config.xml

@@ -1,8 +1,8 @@
 <EnclaveConfiguration>
   <ProdID>0</ProdID>
   <ISVSVN>0</ISVSVN>
-  <StackMaxSize>0x400000</StackMaxSize>
-  <HeapMaxSize>0x6000000</HeapMaxSize>
+  <StackMaxSize>0x2000000</StackMaxSize>
+  <HeapMaxSize>0x20000000</HeapMaxSize>
   <TCSNum>15</TCSNum>
   <TCSPolicy>0</TCSPolicy>
   <DisableDebug>0</DisableDebug>

src/enclave/Enclave.edl

@@ -2,6 +2,7 @@ enclave {
     include "sgx_tcrypto.h"
     include "sgx_dh.h"
     include "sgx_tseal.h"
+    include "stdbool.h"
     include "MerkleTree.h"
     include "CrustStatus.h"
 	include "IASReport.h"
@@ -77,7 +78,7 @@ enclave {
         void ocall_store_order_report([in, size=order_size] const char *p_order, size_t order_size);
         void ocall_store_identity([in, string] const char *id);
         void ocall_store_enclave_id_info([in, string] const char *info);
-        void ocall_store_workload([in, string] const char *wl);
+        void ocall_store_workload([in, size=data_size] const char *data, size_t data_size, bool flag);
         void ocall_store_workreport([in, string] const char *wr);
     };
 };

src/enclave/identity/Identity.cpp

@@ -381,7 +381,7 @@ crust_status_t id_verify_iasreport(char **IASReport, size_t size)
     uint8_t *p_account_id_u = hex_string_to_bytes(chain_account_id.c_str(), chain_account_id.size());
     size_t account_id_u_len = chain_account_id.size() / 2;
     uint8_t *org_data, *p_org_data = NULL;
-    size_t org_data_len = 0;
+    uint32_t org_data_len = 0;
 
 
     // ----- Verify IAS signature ----- //
@@ -602,22 +602,26 @@ crust_status_t id_verify_iasreport(char **IASReport, size_t size)
 
 cleanup:
     if (pkey != NULL)
-    {
         EVP_PKEY_free(pkey);
-    }
+
     cert_stack_free(stack);
-    free(certar);
+
+    if (certar != NULL)
+        free(certar);
+
     for (i = 0; i < count; ++i)
     {
         X509_free(certvec[i]);
     }
 
-    free(sig);
-    free(iasQuote);
+    if (sig != NULL)
+        free(sig);
+
+    if (iasQuote != NULL)
+        free(iasQuote);
+
     if (ecc_state != NULL)
-    {
         sgx_ecc256_close_context(ecc_state);
-    }
 
     if (p_org_data != NULL)
         free(p_org_data);
@@ -897,36 +901,31 @@ crust_status_t id_store_metadata()
     sgx_thread_mutex_lock(&g_metadata_mutex);
 
     // Get original metadata
+    Workload *wl = Workload::get_instance();
     crust_status_t crust_status = CRUST_SUCCESS;
-    json::JSON meta_json;
-    size_t meta_len = 0;
-    uint8_t *p_meta = NULL;
     std::string hex_id_key_str = hexstring_safe(&id_key_pair, sizeof(id_key_pair));
-    id_get_metadata(meta_json, false);
 
     // ----- Store metadata ----- //
-    meta_json[ID_WORKLOAD] = Workload::get_instance()->serialize_srd();
-    meta_json[ID_KEY_PAIR] = hex_id_key_str;
-    meta_json[ID_REPORT_SLOG] = report_slot;
-    meta_json[ID_CHAIN_ACCOUNT_ID] = g_chain_account_id;
-    std::string meta_str = meta_json.dump();
-    meta_len = meta_str.size() + strlen(TEE_PRIVATE_TAG);
-    p_meta = (uint8_t*)enc_malloc(meta_len);
-    if (p_meta == NULL)
-    {
-        crust_status = CRUST_MALLOC_FAILED;
-        goto cleanup;
-    }
-    memset(p_meta, 0, meta_len);
-    memcpy(p_meta, TEE_PRIVATE_TAG, strlen(TEE_PRIVATE_TAG));
-    memcpy(p_meta + strlen(TEE_PRIVATE_TAG), meta_str.c_str(), meta_str.size());
-    crust_status = persist_set(ID_METADATA, p_meta, meta_len);
-
-
-cleanup:
-
-    if (p_meta != NULL)
-        free(p_meta);
+    std::string meta_str(TEE_PRIVATE_TAG);
+    meta_str.append("{");
+    // Append srd
+    meta_str.append("\"").append(ID_WORKLOAD).append("\":")
+        .append(wl->serialize_srd()).append(",");
+    // Append id key pair
+    meta_str.append("\"").append(ID_KEY_PAIR).append("\":")
+        .append("\"").append(hex_id_key_str).append("\",");
+    // Append report slot
+    meta_str.append("\"").append(ID_REPORT_SLOT).append("\":")
+        .append("\"").append(std::to_string(report_slot)).append("\",");
+    // Append chain account id
+    meta_str.append("\"").append(ID_CHAIN_ACCOUNT_ID).append("\":")
+        .append("\"").append(g_chain_account_id).append("\",");
+    // Append files
+    meta_str.append("\"").append(ID_FILE).append("\":")
+        .append(wl->serialize_file());
+    meta_str.append("}");
+
+    crust_status = persist_set(ID_METADATA, reinterpret_cast<const uint8_t *>(meta_str.c_str()), meta_str.size());
 
     sgx_thread_mutex_unlock(&g_metadata_mutex);
 
@@ -996,7 +995,7 @@ crust_status_t id_restore_metadata()
     memcpy(&id_key_pair, p_id_key, sizeof(id_key_pair));
     free(p_id_key);
     // Restore report slot
-    report_slot = meta_json[ID_REPORT_SLOG].ToInt();
+    report_slot = meta_json[ID_REPORT_SLOT].ToInt();
     // Restore chain account id
     g_chain_account_id = meta_json[ID_CHAIN_ACCOUNT_ID].ToString();
 
@@ -1044,14 +1043,12 @@ crust_status_t id_set_chain_account_id(const char *account_id, size_t len)
         return CRUST_DOUBLE_SET_VALUE;
     }
 
-    char *buffer = (char *)enc_malloc(len);
-    if (buffer == NULL)
+    if (account_id == NULL)
     {
-        return CRUST_MALLOC_FAILED;
+        return CRUST_UNEXPECTED_ERROR;
     }
-    memset(buffer, 0, len);
-    memcpy(buffer, account_id, len);
-    g_chain_account_id = string(buffer, len);
+
+    g_chain_account_id = string(account_id, len);
     g_is_set_account_id = true;
 
     return CRUST_SUCCESS;
@@ -1082,7 +1079,6 @@ size_t id_get_report_slot()
 void id_set_report_slot(size_t new_report_slot)
 {
     report_slot = new_report_slot;
-    id_metadata_set_or_append(ID_REPORT_SLOG, std::to_string(report_slot));
 }
 
 /**