refactor(c): enable sanitizers and pass creds as pointers

geonnave · Mar 13, 2024 · 86394d9 · 86394d9
1 parent b496933
commit 86394d9
Show file tree

Hide file tree

Showing 6 changed files with 24 additions and 16 deletions.
diff --git a/examples/lakers-c-native/Makefile b/examples/lakers-c-native/Makefile
@@ -1,5 +1,5 @@
 CC=gcc
-CFLAGS=-Wall -I../../target/include
+CFLAGS=-Wall -I../../target/include -fsanitize=address,undefined,leak
 
 TARGET=lakers_c_native
 
@@ -16,6 +16,8 @@ ifeq ($(LAKERS_EAD), authz)
 	CFLAGS += -DLAKERS_EAD_AUTHZ
 endif
 
+LDFLAGS=-fsanitize=address,undefined,leak
+
 all: $(TARGET)
 
 # rule for building the target executable

diff --git a/examples/lakers-c-native/README.md b/examples/lakers-c-native/README.md
@@ -17,3 +17,5 @@ make LAKERS_EAD=authz && ./lakers_c_native
 - See the README in the `lakers-c` crate.
 - Install [libcoap](https://libcoap.net/install.html):
   - tested with the following configuration: `./configure --disable-doxygen --disable-manpages --disable-dtls --disable-oscore`
+
+Note: the following sanitizers are enabled in the `Makefile`: `address,undefined,leak` (see for example the [AddressSanitizer](https://clang.llvm.org/docs/AddressSanitizer.html)). They may help catch bugs but make the executable larger and slower.
diff --git a/examples/lakers-c-native/main.c b/examples/lakers-c-native/main.c
@@ -43,10 +43,13 @@ static coap_response_t message_handler(coap_session_t *session COAP_UNUSED,
     has_coap_response = 1;
     // coap_show_pdu(COAP_LOG_WARN, received);
     const uint8_t *data;
-    coap_get_data(received, &coap_response_payload_len, &data);
-    memcpy(coap_response_payload, data, coap_response_payload_len);
-    puts("received coap response");
-    print_hex((uint8_t *)coap_response_payload, coap_response_payload_len);
+    if (coap_get_data(received, &coap_response_payload_len, &data)) {
+        memcpy(coap_response_payload, data, coap_response_payload_len);
+        puts("received coap response");
+        print_hex((uint8_t *)coap_response_payload, coap_response_payload_len);
+    } else {
+        puts("received coap response without payload");
+    }
     return COAP_RESPONSE_OK;
 }
 
@@ -169,16 +172,16 @@ int main(void)
         puts("ead-authz voucher received and validated");
     }
 #endif
-    res = initiator_verify_message_2(&initiator, &I, cred_i, fetched_cred_r);
+    res = initiator_verify_message_2(&initiator, &I, &cred_i, &fetched_cred_r);
     if (res != 0) {
         printf("Error verify msg2: %d\n", res);
         return 1;
     }
 
     puts("preparing msg3");
-    EdhocMessageBuffer message_3;
-    uint8_t prk_out[SHA256_DIGEST_LEN];
-    res = initiator_prepare_message_3(&initiator, ByReference, NULL, &message_3, prk_out);
+    EdhocMessageBuffer message_3 = {0};
+    uint8_t prk_out[SHA256_DIGEST_LEN] = {0};
+    res = initiator_prepare_message_3(&initiator, ByReference, NULL, &message_3, &prk_out);
     if (res != 0) {
         printf("Error prep msg3: %d\n", res);
         return 1;

diff --git a/lakers-c/src/initiator.rs b/lakers-c/src/initiator.rs
@@ -137,8 +137,8 @@ pub unsafe extern "C" fn initiator_verify_message_2(
     initiator_c: *mut EdhocInitiator,
     i: *const BytesP256ElemLen,
     // i_len: usize,
-    mut cred_i: CredentialRPK,
-    valid_cred_r: CredentialRPK,
+    mut cred_i: *mut CredentialRPK,
+    valid_cred_r: *mut CredentialRPK,
 ) -> i8 {
     if initiator_c.is_null() || i.is_null() {
         return -1;
@@ -147,10 +147,10 @@ pub unsafe extern "C" fn initiator_verify_message_2(
 
     let state = core::ptr::read(&(*initiator_c).processing_m2).to_rust();
 
-    match i_verify_message_2(&state, crypto, valid_cred_r, &(*i)) {
+    match i_verify_message_2(&state, crypto, *valid_cred_r, &(*i)) {
         Ok(state) => {
             (*initiator_c).processed_m2 = state;
-            (*initiator_c).cred_i = &mut cred_i as *mut CredentialRPK;
+            (*initiator_c).cred_i = cred_i;
             0
         }
         Err(err) => err as i8,
@@ -172,7 +172,7 @@ pub unsafe extern "C" fn initiator_prepare_message_3(
     }
     let crypto = &mut default_crypto();
 
-    let mut state = core::ptr::read(&(*initiator_c).processed_m2);
+    let state = core::ptr::read(&(*initiator_c).processed_m2);
 
     let ead_3 = if ead_3_c.is_null() {
         None
@@ -182,7 +182,7 @@ pub unsafe extern "C" fn initiator_prepare_message_3(
     };
 
     match i_prepare_message_3(
-        &mut state,
+        &state,
         crypto,
         *(*initiator_c).cred_i,
         cred_transfer,

diff --git a/lakers-c/src/lib.rs b/lakers-c/src/lib.rs
@@ -9,6 +9,7 @@
 use lakers::*;
 use lakers_crypto::{default_crypto, CryptoTrait};
 
+#[cfg(feature = "ead-authz")]
 pub mod ead_authz;
 pub mod initiator;
 

diff --git a/lib/src/edhoc.rs b/lib/src/edhoc.rs
@@ -399,7 +399,7 @@ pub fn i_verify_message_2(
 }
 
 pub fn i_prepare_message_3(
-    state: &mut ProcessedM2,
+    state: &ProcessedM2,
     crypto: &mut impl CryptoTrait,
     cred_i: CredentialRPK,
     cred_transfer: CredentialTransfer,