labyrinth-ssr opened a new issue, #441: URL: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/441
https://github.com/apache/incubator-teaclave-sgx-sdk/blob/3c903bdac4e503dd27b9b1f761c4abfc55f2464c/samplecode/localattestation/attestation/src/func.rs#L144-L145 https://github.com/apache/incubator-teaclave-sgx-sdk/blob/3c903bdac4e503dd27b9b1f761c4abfc55f2464c/samplecode/dcap-pckretrieval/qpl/src/lib.rs#L138 with `Box::into_raw()`, the pointee is on the heap. Multiple assignments will cause leak of the old value. Probable fix is like: If `session_request_safe` should only be called once, adding an Atomic to guarantee assigning only once. ```Rust const UNINITIALIZED: usize = 0; const INITIALIZING: usize = 1; const INITIALIZED: usize = 2; static GLOBAL_INIT: AtomicUsize = AtomicUsize::new(UNINITIALIZED); pub struct SetGlobalDefaultError { _no_construct: (), } // in `session_request_safe` if GLOBAL_INIT .compare_exchange( UNINITIALIZED, INITIALIZING, Ordering::SeqCst, Ordering::SeqCst, ) .is_ok() { let ptr = Box::into_raw(Box::new(session_info)); *session_ptr = ptr as * mut _ as usize; } ``` Otherwise add the else branch: ```Rust else { drop(Box::from_raw(*session_ptr)); let ptr = Box::into_raw(Box::new(session_info)); *session_ptr = ptr as * mut _ as usize; } ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@teaclave.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: notifications-unsubscr...@teaclave.apache.org For additional commands, e-mail: notifications-h...@teaclave.apache.org
