Add a check field to the handle structure to make it less

likely to get a random valid handle. Fix a couple bugs in the event service that this change exposed. git-svn-id: http://svn.fedorahosted.org/svn/corosync/trunk@791 fd59a12c-fef9-0310-b244-a6a79926bd2f
2026-02-01 16:27:26 +00:00 · 2005-08-05 18:34:53 +00:00 · 2005-08-05 18:34:53 +00:00 · fbddefe965
commit fbddefe965
parent 096153983f
3 changed files with 50 additions and 15 deletions
--- a/exec/evt.c
+++ b/exec/evt.c
@ -314,7 +314,7 @@ struct open_chan_pending {
 	struct conn_info	*ocp_conn_info;
 	SaEvtChannelOpenFlagsT	ocp_open_flag;
 	poll_timer_handle	ocp_timer_handle;
-	uint32_t			ocp_c_handle;
+	uint64_t			ocp_c_handle;
 	struct list_head	ocp_entry;
 };

@ -491,7 +491,7 @@ struct event_data {
 * 					(struct event_server_instance.esi_events)
 */
 struct chan_event_list {
-	uint32_t			cel_chan_handle;
+	uint64_t			cel_chan_handle;
 	uint32_t			cel_sub_id;
 	struct event_data* 	cel_event;
 	struct list_head 	cel_entry;
@ -513,7 +513,7 @@ struct chan_event_list {
 */
 struct event_svr_channel_open {
 	uint8_t								eco_flags;
-	uint32_t							eco_lib_handle;
+	uint64_t							eco_lib_handle;
 	uint32_t							eco_my_handle;
 	struct event_svr_channel_instance 	*eco_channel;
 	struct list_head 					eco_entry;
--- a/lib/evt.c
+++ b/lib/evt.c
@ -354,7 +354,7 @@ saEvtInitialize(
 	 * assign instance data to unique handle
 	 */
 	error = saHandleCreate(&evt_instance_handle_db, sizeof(*evti), 
-			(void*)evtHandle);
+			evtHandle);
 	if (error != SA_AIS_OK) {
 		goto error_nofree;
 	}
@ -460,7 +460,7 @@ static SaAisErrorT make_event(SaEvtEventHandleT *event_handle,
 	int i;

 	error = saHandleCreate(&event_handle_db, sizeof(*edi), 
-		(void*)event_handle);
+		event_handle);
 	if (error != SA_AIS_OK) {
 		if (error == SA_AIS_ERR_NO_MEMORY) {
 			error = SA_AIS_ERR_LIBRARY;
@ -904,7 +904,7 @@ saEvtChannelOpen(
 	 * create a handle for this open channel
 	 */
 	error = saHandleCreate(&channel_handle_db, sizeof(*eci), 
-			(void*)channelHandle);
+			channelHandle);
 	if (error != SA_AIS_OK) {
 		goto chan_open_put;
 	}
@ -1309,7 +1309,7 @@ saEvtEventAllocate(
 	}

 	error = saHandleCreate(&event_handle_db, sizeof(*edi), 
-			(void*)eventHandle);
+			eventHandle);
 	if (error != SA_AIS_OK) {
 		goto alloc_put2;
 	}
--- a/lib/util.c
+++ b/lib/util.c
@ -64,6 +64,7 @@ struct saHandle {
 	int state;
 	void *instance;
 	int refCount;
+	uint32_t check;
 };

 SaErrorT
@ -425,7 +426,8 @@ saHandleCreate (
 	int instanceSize,
 	SaUint64T *handleOut)
 {
-	int handle;
+	uint32_t handle;
+	uint32_t check;
 	void *newHandles;
 	int found = 0;
 	void *instance;
@ -454,6 +456,10 @@ saHandleCreate (
 	if (instance == 0) {
 		return (SA_AIS_ERR_NO_MEMORY);
 	}
+
+
+	check = random();
+
 	memset (instance, 0, instanceSize);

 	handleDatabase->handles[handle].state = SA_HANDLE_STATE_ACTIVE;
@ -462,7 +468,9 @@ saHandleCreate (

 	handleDatabase->handles[handle].refCount = 1;

-	*handleOut = handle;
+	handleDatabase->handles[handle].check = check;
+
+	*handleOut = (SaUint64T)((uint64_t)check << 32 | handle);

 	pthread_mutex_unlock (&handleDatabase->mutex);

@ -473,26 +481,39 @@ saHandleCreate (
 SaErrorT
 saHandleDestroy (
 	struct saHandleDatabase *handleDatabase,
-	SaUint64T handle)
+	SaUint64T inHandle)
 {
+	SaAisErrorT error = SA_AIS_OK;
+	uint32_t check = inHandle >> 32;
+	uint32_t handle = inHandle & 0xffffffff;
+
 	pthread_mutex_lock (&handleDatabase->mutex);

+	if (check != handleDatabase->handles[handle].check) {
+		error = SA_AIS_ERR_BAD_HANDLE;
+		goto error_exit;
+	}
+
 	handleDatabase->handles[handle].state = SA_HANDLE_STATE_PENDINGREMOVAL;

+error_exit:
 	pthread_mutex_unlock (&handleDatabase->mutex);

-	saHandleInstancePut (handleDatabase, handle);
+	saHandleInstancePut (handleDatabase, inHandle);

-	return (SA_AIS_OK);
+	return (error);
 }


 SaErrorT
 saHandleInstanceGet (
 	struct saHandleDatabase *handleDatabase,
-	SaUint64T handle,
+	SaUint64T inHandle,
 	void **instance)
 { 
+	uint32_t check = inHandle >> 32;
+	uint32_t handle = inHandle & 0xffffffff;
+
 	SaErrorT error = SA_AIS_OK;
 	pthread_mutex_lock (&handleDatabase->mutex);

@ -504,6 +525,11 @@ saHandleInstanceGet (
 		error = SA_AIS_ERR_BAD_HANDLE;
 		goto error_exit;
 	}
+	if (check != handleDatabase->handles[handle].check) {
+		error = SA_AIS_ERR_BAD_HANDLE;
+		goto error_exit;
+	}
+

 	*instance = handleDatabase->handles[handle].instance;

@ -519,12 +545,20 @@ error_exit:
 SaErrorT
 saHandleInstancePut (
 	struct saHandleDatabase *handleDatabase,
-	SaUint64T handle)
+	SaUint64T inHandle)
 {
 	void *instance;
+	SaAisErrorT error = SA_AIS_OK;
+	uint32_t check = inHandle >> 32;
+	uint32_t handle = inHandle & 0xffffffff;

 	pthread_mutex_lock (&handleDatabase->mutex);

+	if (check != handleDatabase->handles[handle].check) {
+		error = SA_AIS_ERR_BAD_HANDLE;
+		goto error_exit;
+	}
+
 	handleDatabase->handles[handle].refCount -= 1;
 	assert (handleDatabase->handles[handle].refCount >= 0);

@ -535,9 +569,10 @@ saHandleInstancePut (
 		memset (&handleDatabase->handles[handle], 0, sizeof (struct saHandle));
 	}

+error_exit:
 	pthread_mutex_unlock (&handleDatabase->mutex);

-	return (SA_AIS_OK);
+	return (error);
 }