authorShawn Willden <swillden@google.com>2015-06-20 09:16:30 -0600
committerShawn Willden <swillden@google.com>2015-06-22 15:34:23 -0600
commit0f906ec40f6ade7955c6b967ea522aade54ea2e4 (patch)
tree17593f61259b566713e099fe750668281b35d444 /rsa_operation.h
parentb5508298cdb1d42eaf8c81aa8a6ac2cbfdeef3c7 (diff)
Add buffer wrap checks and disable throwing of std::bad_alloc.
Android is built with exceptions disabled, but "operator new" and "operator new[]" still throw std::bad_alloc on failure rather than returning a null pointer. In general this is a good thing, because it will cause an immediate crash of the process rather than assigning a null pointer which is probably not checked. But most memory allocations in Keymaster are checked, because it's written to run in an environment where new does *not* throw. This CL updates the code to explicitly use the non-throwing new. A handful of throwing news remain, but only in places where a crash on failure is appropriate. In addition, this CL also inserts buffer wrap checks in key locations and changes the development-machine Makefile to build in 32-bit mode, to make memory problems more apparent. Bug: 21888473 Change-Id: I8ebc5ec12053e4f5274f6f57ce312abc10611cef
Diffstat (limited to 'rsa_operation.h')
-rw-r--r--rsa_operation.h8
1 files changed, 4 insertions, 4 deletions
diff --git a/rsa_operation.h b/rsa_operation.h
index 4005dbd..a1de04c 100644
--- a/rsa_operation.h
+++ b/rsa_operation.h
@@ -209,7 +209,7 @@ class RsaSigningOperationFactory : public RsaDigestingOperationFactory {
keymaster_purpose_t purpose() const override { return KM_PURPOSE_SIGN; }
Operation* InstantiateOperation(keymaster_digest_t digest, keymaster_padding_t padding,
EVP_PKEY* key) override {
- return new RsaSignOperation(digest, padding, key);
+ return new (std::nothrow) RsaSignOperation(digest, padding, key);
}
};
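Review bot: The switch to `new (std::nothrow)` on the return line changes the contract of InstantiateOperation from "never returns nullptr" to "returns nullptr on allocation failure", and nothing in this header tells a caller that; every caller of the factory must now null-check before dereferencing, and the base-class declaration (outside this hunk) should say so, e.g. `// Returns nullptr if the operation could not be allocated; callers must check.`. Note also that the nothrow form only covers the allocation of the RsaSignOperation object itself — any allocation performed inside its constructor (not visible here) is unaffected and still follows whatever allocator behaviour it had before, so this does not by itself make construction failure-safe. The class RsaSigningOperationFactory begins above the hunk.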
@@ -220,7 +220,7 @@ class RsaVerificationOperationFactory : public RsaDigestingOperationFactory {
keymaster_purpose_t purpose() const override { return KM_PURPOSE_VERIFY; }
Operation* InstantiateOperation(keymaster_digest_t digest, keymaster_padding_t padding,
EVP_PKEY* key) override {
- return new RsaVerifyOperation(digest, padding, key);
+ return new (std::nothrow) RsaVerifyOperation(digest, padding, key);
}
};
@@ -230,7 +230,7 @@ class RsaVerificationOperationFactory : public RsaDigestingOperationFactory {
class RsaEncryptionOperationFactory : public RsaCryptingOperationFactory {
keymaster_purpose_t purpose() const override { return KM_PURPOSE_ENCRYPT; }
Operation* InstantiateOperation(keymaster_padding_t padding, EVP_PKEY* key) override {
- return new RsaEncryptOperation(padding, key);
+ return new (std::nothrow) RsaEncryptOperation(padding, key);
}
};
@@ -240,7 +240,7 @@ class RsaEncryptionOperationFactory : public RsaCryptingOperationFactory {
class RsaDecryptionOperationFactory : public RsaCryptingOperationFactory {
keymaster_purpose_t purpose() const override { return KM_PURPOSE_DECRYPT; }
Operation* InstantiateOperation(keymaster_padding_t padding, EVP_PKEY* key) override {
- return new RsaDecryptOperation(padding, key);
+ return new (std::nothrow) RsaDecryptOperation(padding, key);
}
};
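Review bot: With a nullptr return now possible from the decrypt factory, the fate of the `EVP_PKEY* key` argument on failure is undefined by this interface: if RsaDecryptOperation's constructor would have taken ownership of `key`, a caller that assumes the hand-off succeeded will leak it (or, if it frees defensively, risk a double free on the success path). The ownership rule on failure should be stated at the declaration, e.g. `// On nullptr return, ownership of |key| remains with the caller.`, and the call site should be audited to match. Which side owns `key` is not visible in this hunk, so confirm against the operation constructors before adopting either wording. The class RsaDecryptionOperationFactory begins above the hunk.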