-
Notifications
You must be signed in to change notification settings - Fork 143
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Secure usage of Emscripten heap (#495)
* Heap utilities Provide some wrapper functions to hide all the intricacies of dealing with Emscripten heap. We should use these functions instead of calling C directly. Note that they ensure that allocated memory is zeroed out before use as well as after use. This makes it easier to debug initialization issues, and reduces the likelihood of sensitive data leakage through Emscripten heap. * Use heap securely in key generation * Use heap securely in Secure Cell * Use heap securely in Secure Message * Use heap securely in Secure Comparator * Use heap securely in Secure Session Instead of calling malloc() and free() directly, use our new helpers to deal with passing byte arrays between JavaScript and Emscripten. Instead of calling malloc() and free() directly, use our new helpers to deal with passing byte arrays between JavaScript and Emscripten. * Avoid NULL dereference heapAlloc: if malloc() fails then do not zero out the result heapFree: make this function a no-op to allow its usage in failure paths where the pointer is null (e.g., returned by failed heapAlloc) We use a weird check "!!buffer" because JavaScript has weird ideas about what is null and what is zero. malloc() results are generally checked with "!ptr" so we invert this check.
- Loading branch information
Showing
8 changed files
with
217 additions
and
183 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.