Remove mem::forget calls in FFI returns

This is done by allocating a dedicated buffer and copying the contents of the response into it.
dusk-network · May 8, 2024 · bcc07c2 · bcc07c2
1 parent 361484c
commit bcc07c2
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 17 deletions.
diff --git a/assets/dusk_wallet_core.wasm b/assets/dusk_wallet_core.wasm
diff --git a/src/ffi.rs b/src/ffi.rs
@@ -53,11 +53,9 @@ pub fn seed(args: i32, len: i32) -> i64 {
     hash.update(b"SEED");
 
     let seed = hash.finalize().to_vec();
-    let ptr = seed.as_ptr() as u32;
-    let len = seed.len() as u32;
 
-    mem::forget(seed);
-    utils::compose(true, ptr, len)
+    let (ptr, len) = utils::allocated_copy(seed);
+    utils::compose(true, ptr as _, len as _)
 }
 
 /// Computes the total balance of the given notes.

diff --git a/src/utils.rs b/src/utils.rs
@@ -6,10 +6,10 @@
 
 //! Misc utilities required by the library implementation.
 
-use crate::{tx, MAX_INPUT_NOTES, MAX_LEN, RNG_SEED};
+use crate::{ffi, tx, MAX_INPUT_NOTES, MAX_LEN, RNG_SEED};
 
 use alloc::vec::Vec;
-use core::mem;
+use core::ptr;
 
 use dusk_bytes::DeserializableSlice;
 use dusk_jubjub::JubJubScalar;
@@ -93,14 +93,9 @@ pub fn into_ptr<T>(response: T) -> i64
 where
     T: Serialize,
 {
-    let response = serde_json::to_string(&response).unwrap_or_default();
-    let ptr = response.as_ptr() as u32;
-    let len = response.len() as u32;
-    let result = compose(true, ptr, len);
-
-    mem::forget(response);
-
-    result
+    let response = serde_json::to_string(&response).unwrap_or_default().leak();
+    let (ptr, len) = allocated_copy(response);
+    compose(true, ptr as _, len as _)
 }
 
 /// Returns the provided bytes as a pointer
@@ -113,13 +108,25 @@ where
         Err(_) => return fail(),
     };
 
-    let ptr = bytes.as_ptr() as u32;
-    let len = bytes.len() as u32;
+    let (ptr, len) = allocated_copy(bytes);
 
-    mem::forget(bytes);
     compose(true, ptr, len)
 }
 
+/// Allocated a new buffer, copies the provided bytes to it, and returns the
+/// pointer and length of the new buffer.
+pub fn allocated_copy<B: AsRef<[u8]>>(bytes: B) -> (u32, u32) {
+    unsafe {
+        let bytes = bytes.as_ref();
+        let len = bytes.len();
+
+        let ptr = ffi::allocate(bytes.len() as _);
+        ptr::copy_nonoverlapping(bytes.as_ptr(), ptr as _, len);
+
+        (ptr as _, len as _)
+    }
+}
+
 /// Creates a secure RNG directly a seed.
 pub fn rng(seed: [u8; 32]) -> ChaCha12Rng {
     ChaCha12Rng::from_seed(seed)