From d07446171ce6adac3c918a5b3a05436ea51583f3 Mon Sep 17 00:00:00 2001
From: Apollo3zehn <git@m1.apollo3zehn.net>
Date: Tue, 26 Sep 2023 19:51:42 +0200
Subject: [PATCH] Fix a bug where a buffer was accessed after free

---
 .vscode/launch.json                               |  4 ++--
 CHANGELOG.md                                      |  5 +++++
 src/Nexus/API/JobsController.cs                   |  2 +-
 src/Nexus/Services/DataService.cs                 | 15 ++++++---------
 .../Extensibility/DataSource/DataSourceTypes.cs   |  4 +++-
 version.json                                      |  2 +-
 6 files changed, 18 insertions(+), 14 deletions(-)

diff --git a/.vscode/launch.json b/.vscode/launch.json
index ca90bfb9..6b926e56 100644
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -34,7 +34,7 @@
              * - exit
              * 
              * 2. Configure docker so that port 22 is exposed (e.g. to port 2222), then test the connection:
-             * - ssh root@<docker host> -p 2222
+             * - ssh root@ensyno.iwes.fraunhofer.de -p 2222
              *
              * 3. Replace <docker host> below with the actual host
              */
@@ -46,7 +46,7 @@
                 "pipeProgram": "ssh",
                 "pipeArgs": [
                     "-T",
-                    "root@<docker host>",
+                    "root@ensyno.iwes.fraunhofer.de",
                     "-p",
                     "2222"
                 ], // replace <docker host>
diff --git a/CHANGELOG.md b/CHANGELOG.md
index ddfbc13c..7b9ec0c1 100755
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,8 @@
+## v2.0.0-beta.19 - 2023-09-26
+
+### Bugs fixed:
+- Fixed a bug where a buffer was accessed after free.
+
 ## v2.0.0-beta.18 - 2023-09-20
 
 ### Bugs fixed:
diff --git a/src/Nexus/API/JobsController.cs b/src/Nexus/API/JobsController.cs
index e2906472..b2f54ec2 100644
--- a/src/Nexus/API/JobsController.cs
+++ b/src/Nexus/API/JobsController.cs
@@ -228,7 +228,7 @@ public async Task<ActionResult<Job>> ExportAsync(
                 {
                     try
                     {
-                        var result = await dataService.ExportAsync(job.Id, catalogItemRequests, dataService.ReadAsDoubleArrayAsync, parameters, cts.Token);
+                        var result = await dataService.ExportAsync(job.Id, catalogItemRequests, dataService.ReadAsDoubleAsync, parameters, cts.Token);
                         return result;
                     }
                     catch (Exception ex)
diff --git a/src/Nexus/Services/DataService.cs b/src/Nexus/Services/DataService.cs
index f8566788..0a1391b9 100644
--- a/src/Nexus/Services/DataService.cs
+++ b/src/Nexus/Services/DataService.cs
@@ -20,10 +20,11 @@ Task<Stream> ReadAsStreamAsync(
            DateTime end,
            CancellationToken cancellationToken);
 
-        Task<ReadOnlyMemory<double>> ReadAsDoubleArrayAsync(
+        Task ReadAsDoubleAsync(
            string resourcePath,
            DateTime begin,
            DateTime end,
+           Memory<double> buffer,
            CancellationToken cancellationToken);
 
         Task<string> ExportAsync(
@@ -120,7 +121,7 @@ public async Task<Stream> ReadAsStreamAsync(
                 begin,
                 end,
                 catalogItemRequest,
-                readDataHandler: ReadAsDoubleArrayAsync,
+                readDataHandler: ReadAsDoubleAsync,
                 _memoryTracker,
                 _loggerFactory.CreateLogger<DataSourceController>(),
                 cancellationToken);
@@ -128,10 +129,11 @@ public async Task<Stream> ReadAsStreamAsync(
             return stream;
         }
 
-        public async Task<ReadOnlyMemory<double>> ReadAsDoubleArrayAsync(
+        public async Task ReadAsDoubleAsync(
            string resourcePath,
            DateTime begin,
            DateTime end,
+           Memory<double> buffer,
            CancellationToken cancellationToken)
         {
             var stream = await ReadAsStreamAsync(
@@ -140,10 +142,7 @@ public async Task<ReadOnlyMemory<double>> ReadAsDoubleArrayAsync(
                 end,
                 cancellationToken);
 
-            var elementCount = (int)(stream.Length / 8); // TODO is this cast safe?
-            using var memoryOwner = MemoryPool<double>.Shared.Rent(elementCount);
-            var result = memoryOwner.Memory.Slice(0, elementCount);
-            var byteBuffer = new CastMemoryManager<double, byte>(result).Memory;
+            var byteBuffer = new CastMemoryManager<double, byte>(buffer).Memory;
 
             int bytesRead;
 
@@ -151,8 +150,6 @@ public async Task<ReadOnlyMemory<double>> ReadAsDoubleArrayAsync(
             {
                 byteBuffer = byteBuffer[bytesRead..];
             }
-
-            return result;
         }
 
         public async Task<string> ExportAsync(
diff --git a/src/extensibility/dotnet-extensibility/Extensibility/DataSource/DataSourceTypes.cs b/src/extensibility/dotnet-extensibility/Extensibility/DataSource/DataSourceTypes.cs
index 6f327357..3092db8e 100644
--- a/src/extensibility/dotnet-extensibility/Extensibility/DataSource/DataSourceTypes.cs
+++ b/src/extensibility/dotnet-extensibility/Extensibility/DataSource/DataSourceTypes.cs
@@ -34,12 +34,14 @@ public record ReadRequest(
     /// <param name="resourcePath">The path to the resource data to stream.</param>
     /// <param name="begin">Start date/time.</param>
     /// <param name="end">End date/time.</param>
+    /// <param name="buffer">The buffer to read to the data into.</param>
     /// <param name="cancellationToken">A cancellation token.</param>
     /// <returns></returns>
-    public delegate Task<ReadOnlyMemory<double>> ReadDataHandler(
+    public delegate Task ReadDataHandler(
         string resourcePath,
         DateTime begin,
         DateTime end,
+        Memory<double> buffer,
         CancellationToken cancellationToken);
 
     internal class ReadRequestManager : IDisposable
diff --git a/version.json b/version.json
index 03bd1c49..f715006e 100644
--- a/version.json
+++ b/version.json
@@ -1,4 +1,4 @@
 {
     "version": "2.0.0",
-    "suffix": "beta.18"
+    "suffix": "beta.19"
 }
\ No newline at end of file