From b632f0202fb8a54414381d8a785da59a5e56c67b Mon Sep 17 00:00:00 2001 From: Simon Rozman Date: Wed, 1 Feb 2017 10:52:57 +0100 Subject: [PATCH] get_ui_context() upgraded --- lib/EAPBase/include/Method.h | 11 +++-------- lib/EAPBase/src/Method.cpp | 16 ++++------------ lib/EapHost/include/Method.h | 4 +--- lib/EapHost/src/Method.cpp | 14 +++++++++----- lib/GTC/include/Method.h | 4 +--- lib/GTC/src/Method.cpp | 16 ++++++---------- lib/TTLS/include/Module.h | 3 +++ lib/TTLS/src/Module.cpp | 27 +++++++++++++++++++++++---- 8 files changed, 50 insertions(+), 45 deletions(-) diff --git a/lib/EAPBase/include/Method.h b/lib/EAPBase/include/Method.h index 0826b9a..3afea6e 100644 --- a/lib/EAPBase/include/Method.h +++ b/lib/EAPBase/include/Method.h @@ -161,12 +161,9 @@ namespace eap /// /// \sa [EapPeerGetUIContext function](https://msdn.microsoft.com/en-us/library/windows/desktop/aa363612.aspx) /// - /// \param[out] ppUIContextData A pointer to an address that contains a byte buffer with the supplicant user interface context data from EAPHost. - /// \param[out] pdwUIContextDataSize A pointer to a value that specifies the size of the user interface context data byte buffer returned in \p ppUIContextData. + /// \param[out] context_data Supplicant user interface context data from EAPHost. /// - virtual void get_ui_context( - _Out_ BYTE **ppUIContextData, - _Out_ DWORD *pdwUIContextDataSize); + virtual void get_ui_context(_Out_ sanitizing_blob &context_data); /// /// Provides a user interface context to the EAP method. @@ -283,9 +280,7 @@ namespace eap /// \name User Interaction /// @{ - virtual void get_ui_context( - _Out_ BYTE **ppUIContextData, - _Out_ DWORD *pdwUIContextDataSize); + virtual void get_ui_context(_Out_ sanitizing_blob &context_data); virtual EapPeerMethodResponseAction set_ui_context( _In_count_(dwUIContextDataSize) const BYTE *pUIContextData, diff --git a/lib/EAPBase/src/Method.cpp b/lib/EAPBase/src/Method.cpp index 70279ac..a139a3b 100644 --- a/lib/EAPBase/src/Method.cpp +++ b/lib/EAPBase/src/Method.cpp @@ -77,16 +77,10 @@ void eap::method::get_result( } -void eap::method::get_ui_context( - _Out_ BYTE **ppUIContextData, - _Out_ DWORD *pdwUIContextDataSize) +void eap::method::get_ui_context(_Out_ sanitizing_blob &context_data) { - assert(ppUIContextData); - assert(pdwUIContextDataSize); - // Default implementation returns blank context data. - *ppUIContextData = NULL; - *pdwUIContextDataSize = 0; + context_data.clear(); } @@ -199,14 +193,12 @@ void eap::method_tunnel::get_result( } -void eap::method_tunnel::get_ui_context( - _Out_ BYTE **ppUIContextData, - _Out_ DWORD *pdwUIContextDataSize) +void eap::method_tunnel::get_ui_context(_Out_ sanitizing_blob &context_data) { assert(m_inner); // Default implementation forwards UI context handling to the inner method. - m_inner->get_ui_context(ppUIContextData, pdwUIContextDataSize); + m_inner->get_ui_context(context_data); } diff --git a/lib/EapHost/include/Method.h b/lib/EapHost/include/Method.h index a2d324f..f3a03e0 100644 --- a/lib/EapHost/include/Method.h +++ b/lib/EapHost/include/Method.h @@ -105,9 +105,7 @@ namespace eap /// \name User Interaction /// @{ - virtual void get_ui_context( - _Out_ BYTE **ppUIContextData, - _Out_ DWORD *pdwUIContextDataSize); + virtual void get_ui_context(_Out_ sanitizing_blob &context_data); virtual EapPeerMethodResponseAction set_ui_context( _In_count_(dwUIContextDataSize) const BYTE *pUIContextData, diff --git a/lib/EapHost/src/Method.cpp b/lib/EapHost/src/Method.cpp index af0da38..d75fbcd 100644 --- a/lib/EapHost/src/Method.cpp +++ b/lib/EapHost/src/Method.cpp @@ -209,19 +209,23 @@ void eap::method_eaphost::get_result( } -void eap::method_eaphost::get_ui_context( - _Out_ BYTE **ppUIContextData, - _Out_ DWORD *pdwUIContextDataSize) +void eap::method_eaphost::get_ui_context(_Out_ sanitizing_blob &context_data) { // Get EapHost peer UI context data. + DWORD dwUIContextDataSize; + LPBYTE pUIContextData; eap_error_runtime error; DWORD dwResult = EapHostPeerGetUIContext( m_session_id, - pdwUIContextDataSize, - ppUIContextData, + &dwUIContextDataSize, + &pUIContextData, &error._Myptr); if (dwResult == ERROR_SUCCESS) { // UI context data successfuly returned. + context_data.assign(pUIContextData, pUIContextData + dwUIContextDataSize); + + // TODO: Test if EapHostPeerGetUIContext() requires us to free the buffer. + //EapHostPeerFreeMemory(pUIContextData); } else if (error) throw eap_runtime_error(*error , __FUNCTION__ " EapHostPeerGetUIContext failed."); else diff --git a/lib/GTC/include/Method.h b/lib/GTC/include/Method.h index d38b90b..32cd4f5 100644 --- a/lib/GTC/include/Method.h +++ b/lib/GTC/include/Method.h @@ -99,9 +99,7 @@ namespace eap /// \name User Interaction /// @{ - virtual void get_ui_context( - _Out_ BYTE **ppUIContextData, - _Out_ DWORD *pdwUIContextDataSize); + virtual void get_ui_context(_Out_ sanitizing_blob &context_data); virtual EapPeerMethodResponseAction set_ui_context( _In_count_(dwUIContextDataSize) const BYTE *pUIContextData, diff --git a/lib/GTC/src/Method.cpp b/lib/GTC/src/Method.cpp index c6d3a21..beda200 100644 --- a/lib/GTC/src/Method.cpp +++ b/lib/GTC/src/Method.cpp @@ -122,16 +122,12 @@ void eap::method_gtc::get_result( } -void eap::method_gtc::get_ui_context( - _Out_ BYTE **ppUIContextData, - _Out_ DWORD *pdwUIContextDataSize) +void eap::method_gtc::get_ui_context(_Out_ sanitizing_blob &context_data) { - assert(ppUIContextData); - assert(pdwUIContextDataSize); - - // Return a direct pointer to authenticator string. - *pdwUIContextDataSize = (DWORD)(sizeof(sanitizing_wstring::value_type)*m_message.length()); - *ppUIContextData = const_cast(reinterpret_cast(m_message.data())); + // Return authenticator string. + context_data.assign( + reinterpret_cast(m_message.data() ), + reinterpret_cast(m_message.data() + m_message.length())); } @@ -141,7 +137,7 @@ EapPeerMethodResponseAction eap::method_gtc::set_ui_context( { // Save GTC reply. m_reply.assign( - reinterpret_cast(pUIContextData), + reinterpret_cast(pUIContextData ), reinterpret_cast(pUIContextData + dwUIContextDataSize)); // Send the reply. diff --git a/lib/TTLS/include/Module.h b/lib/TTLS/include/Module.h index eb4c0f2..e38017d 100644 --- a/lib/TTLS/include/Module.h +++ b/lib/TTLS/include/Module.h @@ -201,6 +201,9 @@ namespace eap #ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE BYTE *m_blob_cred; ///< Credentials BLOB #endif + + // The following members are required to avoid memory leakage in get_ui_context() + BYTE *m_blob_ui_ctx; ///< User Interface context data }; /// diff --git a/lib/TTLS/src/Module.cpp b/lib/TTLS/src/Module.cpp index 158f8b6..cb33e47 100644 --- a/lib/TTLS/src/Module.cpp +++ b/lib/TTLS/src/Module.cpp @@ -357,7 +357,20 @@ void eap::peer_ttls::get_ui_context( _Out_ BYTE **ppUIContextData, _Out_ DWORD *pdwUIContextDataSize) { - static_cast(hSession)->m_method->get_ui_context(ppUIContextData, pdwUIContextDataSize); + assert(ppUIContextData); + assert(pdwUIContextDataSize); + + auto s = static_cast(hSession); + + // Get context data from method. + sanitizing_blob context_data; + s->m_method->get_ui_context(context_data); + + // Pack data. + pack(context_data, ppUIContextData, pdwUIContextDataSize); + if (s->m_blob_ui_ctx) + free_memory(s->m_blob_ui_ctx); + s->m_blob_ui_ctx = *ppUIContextData; } @@ -368,7 +381,9 @@ void eap::peer_ttls::set_ui_context( _Out_ EapPeerMethodOutput *pEapOutput) { assert(pEapOutput); - pEapOutput->action = static_cast(hSession)->m_method->set_ui_context(pUIContextData, dwUIContextDataSize); + + sanitizing_blob data(std::move(unpack(pUIContextData, dwUIContextDataSize))); + pEapOutput->action = static_cast(hSession)->m_method->set_ui_context(data.data(), (DWORD)data.size()); pEapOutput->fAllowNotifications = TRUE; } @@ -505,10 +520,11 @@ eap::peer_ttls::session::session(_In_ module &mod) : m_module(mod), m_cfg(mod), m_cred(mod, m_cfg), - m_blob_cfg(NULL) + m_blob_cfg(NULL), #ifdef EAP_USE_NATIVE_CREDENTIAL_CACHE - , m_blob_cred(NULL) + m_blob_cred(NULL), #endif + m_blob_ui_ctx(NULL) {} @@ -521,6 +537,9 @@ eap::peer_ttls::session::~session() if (m_blob_cred) m_module.free_memory(m_blob_cred); #endif + + if (m_blob_ui_ctx) + m_module.free_memory(m_blob_ui_ctx); }