From 40ac1c4dd242317228b645daa2d0ab9da2ddc92a Mon Sep 17 00:00:00 2001 From: Jacob Barthelmeh Date: Mon, 4 Oct 2021 11:45:18 -0600 Subject: [PATCH 1/3] remove error queue from JNI build and put a default max on error queue size --- configure.ac | 3 +++ wolfcrypt/src/logging.c | 34 +++++++++++++++++++++++++++++----- 2 files changed, 32 insertions(+), 5 deletions(-) diff --git a/configure.ac b/configure.ac index f3d16a48c..c198e217c 100644 --- a/configure.ac +++ b/configure.ac @@ -6447,6 +6447,9 @@ AS_IF([test "x$ENABLED_ED25519" = "xyes" && test "x$ENABLED_32BIT" = "xno"], AS_IF([test "x$ENABLED_ED25519_SMALL" = "xyes"], [AM_CFLAGS="$AM_CFLAGS -DED25519_SMALL"]) +# Turn off error queue with JNI Java use +AS_IF([test "x$ENABLED_JNI" = "xyes"], + [AM_CFLAGS="$AM_CFLAGS -DNO_ERROR_QUEUE"]) if test "$ENABLED_ED25519_STREAM" != "no" then diff --git a/wolfcrypt/src/logging.c b/wolfcrypt/src/logging.c index 97e145524..8262be68d 100644 --- a/wolfcrypt/src/logging.c +++ b/wolfcrypt/src/logging.c @@ -71,6 +71,17 @@ THREAD_LS_T #endif struct wc_error_queue* wc_last_node; /* pointer to last node in queue to make insertion O(1) */ + +#ifndef ERROR_QUEUE_MAX + /* this breaks from compat of unlimited error queue size */ + #define ERROR_QUEUE_MAX 100 +#endif +static +#ifdef ERROR_QUEUE_PER_THREAD +THREAD_LS_T +#endif +int wc_error_queue_count = 0; + #endif #ifdef WOLFSSL_FUNC_TIME @@ -474,17 +485,25 @@ void WOLFSSL_ERROR(int error) XSNPRINTF(buffer, sizeof(buffer), "wolfSSL error occurred, error = %d line:%d file:%s", error, line, file); - if (wc_AddErrorNode(error, line, buffer, (char*)file) != 0) { - WOLFSSL_MSG("Error creating logging node"); - /* with void function there is no return here, continue on - * to unlock mutex and log what buffer was created. */ + + if (wc_error_queue_count >= ERROR_QUEUE_MAX) { + WOLFSSL_MSG("Error queue is full, at ERROR_QUEUE_MAX"); + } + else { + if (wc_AddErrorNode(error, line, buffer, (char*)file) != 0) { + WOLFSSL_MSG("Error creating logging node"); + /* with void function there is no return here, continue on + * to unlock mutex and log what buffer was created. */ + } + else { + wc_error_queue_count++; + } } #if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) } else { XSNPRINTF(buffer, sizeof(buffer), "wolfSSL error occurred, error = %d", error); - } #endif @@ -522,6 +541,7 @@ int wc_LoggingInit(void) WOLFSSL_MSG("Bad Init Mutex"); return BAD_MUTEX_E; } + wc_error_queue_count = 0; wc_errors = NULL; wc_current_node = NULL; wc_last_node = NULL; @@ -768,6 +788,7 @@ void wc_RemoveErrorNode(int idx) if (wc_current_node == current) wc_current_node = current->next; XFREE(current, current->heap, DYNAMIC_TYPE_LOG); + wc_error_queue_count--; } wc_UnLockMutex(&debug_mutex); @@ -799,6 +820,7 @@ void wc_ClearErrorNodes(void) } } + wc_error_queue_count = 0; wc_errors = NULL; wc_last_node = NULL; wc_current_node = NULL; @@ -840,6 +862,7 @@ int wc_ERR_remove_state(void) current = next; } + wc_error_queue_count = 0; wc_errors = NULL; wc_last_node = NULL; @@ -889,6 +912,7 @@ void wc_ERR_print_errors_cb(int (*cb)(const char *str, size_t len, void *u), } /* set global pointers to match having been freed */ + wc_error_queue_count = 0; wc_errors = NULL; wc_last_node = NULL; From b582e152ea6bba65f124def4d6c67803d270657e Mon Sep 17 00:00:00 2001 From: Jacob Barthelmeh Date: Mon, 4 Oct 2021 14:52:05 -0600 Subject: [PATCH 2/3] add test case max error queue size --- tests/api.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/tests/api.c b/tests/api.c index 49544720d..56bc3f5e6 100644 --- a/tests/api.c +++ b/tests/api.c @@ -36022,6 +36022,19 @@ static THREAD_RETURN WOLFSSL_THREAD test_logging(void* args) } AssertIntEQ(errorCount, ERROR_COUNT); + /* test max queue behavior, trying to add an arbitrary 3 errors over */ + errorCount = 0; + for (i = 0; i < ERROR_QUEUE_MAX + 3; i++) + ERR_put_error(ERR_LIB_PEM, SYS_F_ACCEPT, -990 - i, __FILE__, __LINE__); + + while ((err = ERR_get_error_line(&file, &line))) { + AssertIntEQ(err, 990 + errorCount); + errorCount++; + } + + /* test that the 3 errors over the max were dropped */ + AssertIntEQ(errorCount, ERROR_QUEUE_MAX); + return 0; } #endif From 34c9367cbef2592e8df9b294f9528c25cc4b387c Mon Sep 17 00:00:00 2001 From: Jacob Barthelmeh Date: Wed, 6 Oct 2021 11:55:40 -0600 Subject: [PATCH 3/3] refactor location of error queue count and consolidate no error queue macro --- configure.ac | 15 +++++---------- wolfcrypt/src/logging.c | 23 +++++++++++------------ 2 files changed, 16 insertions(+), 22 deletions(-) diff --git a/configure.ac b/configure.ac index c198e217c..170d6fd06 100644 --- a/configure.ac +++ b/configure.ac @@ -2436,12 +2436,6 @@ AC_ARG_ENABLE([errorqueue], [ ENABLED_ERROR_QUEUE=yes ] ) -if test "$ENABLED_ERROR_QUEUE" = "no" -then - AM_CFLAGS="$AM_CFLAGS -DNO_ERROR_QUEUE" -fi - - # OLD TLS AC_ARG_ENABLE([oldtls], [AS_HELP_STRING([--enable-oldtls],[Enable old TLS versions < 1.2 (default: enabled)])], @@ -6447,16 +6441,17 @@ AS_IF([test "x$ENABLED_ED25519" = "xyes" && test "x$ENABLED_32BIT" = "xno"], AS_IF([test "x$ENABLED_ED25519_SMALL" = "xyes"], [AM_CFLAGS="$AM_CFLAGS -DED25519_SMALL"]) -# Turn off error queue with JNI Java use -AS_IF([test "x$ENABLED_JNI" = "xyes"], - [AM_CFLAGS="$AM_CFLAGS -DNO_ERROR_QUEUE"]) - if test "$ENABLED_ED25519_STREAM" != "no" then AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ED25519_STREAMING_VERIFY" AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_ED25519_STREAMING_VERIFY" fi +if test "$ENABLED_ERROR_QUEUE" = "no" || test "$ENABLED_JNI" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DNO_ERROR_QUEUE" +fi + AS_IF([test "x$ENABLED_OPENSSLALL" = "xyes"], [AM_CFLAGS="-DOPENSSL_ALL -DWOLFSSL_EITHER_SIDE -DWC_RSA_NO_PADDING -DWC_RSA_PSS -DWOLFSSL_PSS_LONG_SALT $AM_CFLAGS"]) diff --git a/wolfcrypt/src/logging.c b/wolfcrypt/src/logging.c index 8262be68d..06b3c9e7b 100644 --- a/wolfcrypt/src/logging.c +++ b/wolfcrypt/src/logging.c @@ -486,18 +486,10 @@ void WOLFSSL_ERROR(int error) "wolfSSL error occurred, error = %d line:%d file:%s", error, line, file); - if (wc_error_queue_count >= ERROR_QUEUE_MAX) { - WOLFSSL_MSG("Error queue is full, at ERROR_QUEUE_MAX"); - } - else { - if (wc_AddErrorNode(error, line, buffer, (char*)file) != 0) { - WOLFSSL_MSG("Error creating logging node"); - /* with void function there is no return here, continue on - * to unlock mutex and log what buffer was created. */ - } - else { - wc_error_queue_count++; - } + if (wc_AddErrorNode(error, line, buffer, (char*)file) != 0) { + WOLFSSL_MSG("Error creating logging node"); + /* with void function there is no return here, continue on + * to unlock mutex and log what buffer was created. */ } #if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) } @@ -687,6 +679,12 @@ int wc_AddErrorNode(int error, int line, char* buf, char* file) WOLFSSL_MSG("Error queue turned off, can not add nodes"); #else struct wc_error_queue* err; + + if (wc_error_queue_count >= ERROR_QUEUE_MAX) { + WOLFSSL_MSG("Error queue is full, at ERROR_QUEUE_MAX"); + return MEMORY_E; + } + err = (struct wc_error_queue*)XMALLOC( sizeof(struct wc_error_queue), wc_error_heap, DYNAMIC_TYPE_LOG); if (err == NULL) { @@ -751,6 +749,7 @@ int wc_AddErrorNode(int error, int line, char* buf, char* file) wc_current_node = err; } } + wc_error_queue_count++; } #endif return 0;