This is an automated email from the ASF dual-hosted git repository. dingyu pushed a commit to branch fix-edl-pointer-check in repository https://gitbox.apache.org/repos/asf/incubator-teaclave-sgx-sdk.git
commit 46b70da6edbea5b2412edb62b28f5cf470088ee0 Author: Yu Ding <[email protected]> AuthorDate: Sun Mar 7 17:10:15 2021 -0800 fix: add pointer null check on ecall function --- samplecode/http_req/enclave/src/lib.rs | 4 ++++ samplecode/tls/tlsclient/enclave/src/lib.rs | 4 ++++ sgx_tstd/src/rt.rs | 4 ++++ 3 files changed, 12 insertions(+) diff --git a/samplecode/http_req/enclave/src/lib.rs b/samplecode/http_req/enclave/src/lib.rs index c490d69..1524448 100644 --- a/samplecode/http_req/enclave/src/lib.rs +++ b/samplecode/http_req/enclave/src/lib.rs @@ -36,6 +36,10 @@ use std::prelude::v1::*; #[no_mangle] pub extern "C" fn send_http_request(hostname: *const c_char) -> sgx_status_t { + if hostname.is_null() { + return sgx_status_t::SGX_ERROR_UNEXPECTED; + } + let hostname = unsafe { CStr::from_ptr(hostname).to_str() }; let hostname = hostname.expect("Failed to recover hostname"); diff --git a/samplecode/tls/tlsclient/enclave/src/lib.rs b/samplecode/tls/tlsclient/enclave/src/lib.rs index c4ce216..5295295 100644 --- a/samplecode/tls/tlsclient/enclave/src/lib.rs +++ b/samplecode/tls/tlsclient/enclave/src/lib.rs @@ -287,6 +287,10 @@ impl Sessions { #[no_mangle] pub extern "C" fn tls_client_new(fd: c_int, hostname: * const c_char, cert: * const c_char) -> usize { + if hostname.is_null() { + return 0xFFFF_FFFF_FFFF_FFFF; + } + let certfile = unsafe { CStr::from_ptr(cert).to_str() }; if certfile.is_err() { return 0xFFFF_FFFF_FFFF_FFFF; diff --git a/sgx_tstd/src/rt.rs b/sgx_tstd/src/rt.rs index e90fa24..ab97c0e 100644 --- a/sgx_tstd/src/rt.rs +++ b/sgx_tstd/src/rt.rs @@ -56,6 +56,10 @@ pub extern "C" fn t_global_exit_ecall() { #[no_mangle] pub extern "C" fn t_global_init_ecall(id: u64, path: *const u8, len: usize) { + if path.is_null() { + return; + } + GLOBAL_INIT_LOCK.lock(); unsafe { INIT_TCS = thread::rsgx_thread_self() }; --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
