Fixed #8429: Segfault when already destroyed callback interface is used

(cherry picked from commit 658abd2)

Author: AlexPeshkoff

doc/Using_OO_API.html

@@ -3615,13 +3615,24 @@ <h1><font size="4" style="font-size: 14pt">Database encryption
 	is passed in both directions. The source of a key receives
 	dataLength bytes of data and may send up to bufferLength bytes into
 	buffer returning actual number of bytes placed into buffer.</font></p>
+	<li><p style="margin-bottom: 0cm"><font size="4" style="font-size: 14pt">
+	int getHashLength(StatusType* status) - returns length of hash of the keys provided by interface.
+	Hash is needed to let caller compare interfaces for equality. Empty (no keys)
+	interface should return hash length equal to zero.
+	</font></p>
+	<li><p style="margin-bottom: 0cm"><font size="4" style="font-size: 14pt">
+	void getHashData(StatusType* status, void* hash) - places hash of the keys provided by interface
+	into memory location defined by parameter <i>hash</i>. Should copy exact number of bytes
+	returned by getHashLength() call. Hash algorithm is chosen by plugin author
+	(in year 2024 SHA256 appears reasonable choice).
+	</font></p>
 </ol>
 <p style="margin-bottom: 0cm"><br/>
 
 </p>
 <p style="margin-bottom: 0cm"><a name="DbCryptInfo"></a><font size="4" style="font-size: 14pt">DbCryptInfo
 interface is passed to DbCryptPlugin by engine. Plugin may save this
-interface and use when needed to obtain additional informatio about
+interface and use when needed to obtain additional information about
 database.</font></p>
 <ol>
 	<li><p style="margin-bottom: 0cm"><font size="4" style="font-size: 14pt">const

examples/dbcrypt/CryptApplication.cpp

@@ -36,14 +36,28 @@ class CryptKey : public ICryptKeyCallbackImpl<CryptKey, CheckStatusWrapper>
 	{
 		if (length > 0 && buffer)
 		{
-			char k = 0x5a;
 			memcpy(buffer, &k, 1);
 			fprintf(stderr, "\nTransfered key to server\n");
 		}
 		return 1;
 	}
+
+	int getHashLength(Firebird::CheckStatusWrapper* status) override
+	{
+		return 1;
+	}
+
+	void getHashData(Firebird::CheckStatusWrapper* status, void* h) override
+	{
+		memcpy(h, &k, 1);
+	}
+
+private:
+	static const char k;
 };
 
+const char CryptKey::k = 0x5a;
+
 class App
 {
 public:

examples/dbcrypt/CryptKeyHolder.cpp

@@ -69,7 +69,7 @@ class CryptKeyHolder : public IKeyHolderPluginImpl<CryptKeyHolder, CheckStatusWr
 public:
 	explicit CryptKeyHolder(IPluginConfig* cnf) throw()
 		: callbackInterface(this), named(NULL), tempStatus(master->getStatus()),
-		  config(cnf), key(0), owner(NULL)
+		  config(cnf), key(0), init(false), owner(NULL)
 	{
 		config->addRef();
 	}
@@ -110,10 +110,13 @@ class CryptKeyHolder : public IKeyHolderPluginImpl<CryptKeyHolder, CheckStatusWr
 		return owner;
 	}
 
-	ISC_UCHAR getKey()
+	const ISC_UCHAR& getKey()
 	{
-		if (!key)
+		if (!init)
+		{
 			keyCallback(&tempStatus, NULL);
+			init = true;
+		}
 
 		return key;
 	}
@@ -139,7 +142,7 @@ class CryptKeyHolder : public IKeyHolderPluginImpl<CryptKeyHolder, CheckStatusWr
 
 		unsigned int callback(unsigned int, const void*, unsigned int length, void* buffer)
 		{
-			ISC_UCHAR k = holder->getKey();
+			const ISC_UCHAR& k = holder->getKey();
 			if (!k)
 			{
 				return 0;
@@ -152,6 +155,36 @@ class CryptKeyHolder : public IKeyHolderPluginImpl<CryptKeyHolder, CheckStatusWr
 			return 1;
 		}
 
+		int getHashLength(Firebird::CheckStatusWrapper* status) override
+		{
+			const ISC_UCHAR& k = holder->getKey();
+			if (!k)
+			{
+				ISC_STATUS err[] = {isc_arg_gds, isc_wish_list};
+				status->setErrors2(2, err);
+
+				return -1;
+			}
+
+			return 1;
+		}
+
+		void getHashData(Firebird::CheckStatusWrapper* status, void* h) override
+		{
+			// here key value is returned by hash function as is
+			// do not do it in production - use some hash function
+			const ISC_UCHAR& k = holder->getKey();
+			if (!k)
+			{
+				ISC_STATUS err[] = {isc_arg_gds, isc_wish_list};
+				status->setErrors2(2, err);
+
+				return;
+			}
+
+			memcpy(h, &k, 1);
+		}
+
 	private:
 		CryptKeyHolder* holder;
 	};
@@ -172,6 +205,18 @@ class CryptKeyHolder : public IKeyHolderPluginImpl<CryptKeyHolder, CheckStatusWr
 			return 1;
 		}
 
+		int getHashLength(Firebird::CheckStatusWrapper* status) override
+		{
+			return 1;
+		}
+
+		void getHashData(Firebird::CheckStatusWrapper* status, void* h) override
+		{
+			// here key value is returned by hash function as is
+			// do not do it in production - use some hash function
+			memcpy(h, &key, 1);
+		}
+
 		~NamedCallback()
 		{
 			delete next;
@@ -188,6 +233,7 @@ class CryptKeyHolder : public IKeyHolderPluginImpl<CryptKeyHolder, CheckStatusWr
 
 	IPluginConfig* config;
 	ISC_UCHAR key;
+	bool init;
 
 	FbSampleAtomic refCounter;
 	IReferenceCounted* owner;

src/include/firebird/FirebirdInterface.idl

@@ -941,6 +941,23 @@ interface CryptKeyCallback : Versioned
 	// any further details.
 	uint callback(uint dataLength, const void* data,
 		uint bufferLength, void* buffer);
+
+version:		// 6.0, 5.0.2, 4.0.6
+
+	// NULL in attStatus means attach was successful.
+	// DO_RETRY return will be ignored in this case, but plugin has a chance
+	// to reflect internally success.
+	[stub defaultAction]
+	void dummy1(Status status);
+
+	// interface not needed any more
+	[stub defaultAction]
+	void dummy2();
+
+	// Produce something to be compared with other interface instance
+	[notImplemented(-1)]
+	int getHashLength(Status status);
+	void getHashData(Status status, void* hash);
 }
 
 

src/include/firebird/IdlFbInterfaces.h

@@ -3891,14 +3891,18 @@ namespace Firebird
 		}
 	};
 
-#define FIREBIRD_ICRYPT_KEY_CALLBACK_VERSION 2u
+#define FIREBIRD_ICRYPT_KEY_CALLBACK_VERSION 3u
 
 	class ICryptKeyCallback : public IVersioned
 	{
 	public:
 		struct VTable : public IVersioned::VTable
 		{
 			unsigned (CLOOP_CARG *callback)(ICryptKeyCallback* self, unsigned dataLength, const void* data, unsigned bufferLength, void* buffer) CLOOP_NOEXCEPT;
+			void (CLOOP_CARG *dummy1)(ICryptKeyCallback* self, IStatus* status) CLOOP_NOEXCEPT;
+			void (CLOOP_CARG *dummy2)(ICryptKeyCallback* self) CLOOP_NOEXCEPT;
+			int (CLOOP_CARG *getHashLength)(ICryptKeyCallback* self, IStatus* status) CLOOP_NOEXCEPT;
+			void (CLOOP_CARG *getHashData)(ICryptKeyCallback* self, IStatus* status, void* hash) CLOOP_NOEXCEPT;
 		};
 
 	protected:
@@ -3919,6 +3923,55 @@ namespace Firebird
 			unsigned ret = static_cast<VTable*>(this->cloopVTable)->callback(this, dataLength, data, bufferLength, buffer);
 			return ret;
 		}
+
+		template <typename StatusType> void dummy1(StatusType* status)
+		{
+			if (cloopVTable->version < 3)
+			{
+				StatusType::setVersionError(status, "ICryptKeyCallback", cloopVTable->version, 3);
+				StatusType::checkException(status);
+				return;
+			}
+			StatusType::clearException(status);
+			static_cast<VTable*>(this->cloopVTable)->dummy1(this, status);
+			StatusType::checkException(status);
+		}
+
+		void dummy2()
+		{
+			if (cloopVTable->version < 3)
+			{
+				return;
+			}
+			static_cast<VTable*>(this->cloopVTable)->dummy2(this);
+		}
+
+		template <typename StatusType> int getHashLength(StatusType* status)
+		{
+			if (cloopVTable->version < 3)
+			{
+				StatusType::setVersionError(status, "ICryptKeyCallback", cloopVTable->version, 3);
+				StatusType::checkException(status);
+				return -1;
+			}
+			StatusType::clearException(status);
+			int ret = static_cast<VTable*>(this->cloopVTable)->getHashLength(this, status);
+			StatusType::checkException(status);
+			return ret;
+		}
+
+		template <typename StatusType> void getHashData(StatusType* status, void* hash)
+		{
+			if (cloopVTable->version < 3)
+			{
+				StatusType::setVersionError(status, "ICryptKeyCallback", cloopVTable->version, 3);
+				StatusType::checkException(status);
+				return;
+			}
+			StatusType::clearException(status);
+			static_cast<VTable*>(this->cloopVTable)->getHashData(this, status, hash);
+			StatusType::checkException(status);
+		}
 	};
 
 #define FIREBIRD_IKEY_HOLDER_PLUGIN_VERSION 5u
@@ -14395,6 +14448,10 @@ namespace Firebird
 				{
 					this->version = Base::VERSION;
 					this->callback = &Name::cloopcallbackDispatcher;
+					this->dummy1 = &Name::cloopdummy1Dispatcher;
+					this->dummy2 = &Name::cloopdummy2Dispatcher;
+					this->getHashLength = &Name::cloopgetHashLengthDispatcher;
+					this->getHashData = &Name::cloopgetHashDataDispatcher;
 				}
 			} vTable;
 
@@ -14413,6 +14470,61 @@ namespace Firebird
 				return static_cast<unsigned>(0);
 			}
 		}
+
+		static void CLOOP_CARG cloopdummy1Dispatcher(ICryptKeyCallback* self, IStatus* status) CLOOP_NOEXCEPT
+		{
+			StatusType status2(status);
+
+			try
+			{
+				static_cast<Name*>(self)->Name::dummy1(&status2);
+			}
+			catch (...)
+			{
+				StatusType::catchException(&status2);
+			}
+		}
+
+		static void CLOOP_CARG cloopdummy2Dispatcher(ICryptKeyCallback* self) CLOOP_NOEXCEPT
+		{
+			try
+			{
+				static_cast<Name*>(self)->Name::dummy2();
+			}
+			catch (...)
+			{
+				StatusType::catchException(0);
+			}
+		}
+
+		static int CLOOP_CARG cloopgetHashLengthDispatcher(ICryptKeyCallback* self, IStatus* status) CLOOP_NOEXCEPT
+		{
+			StatusType status2(status);
+
+			try
+			{
+				return static_cast<Name*>(self)->Name::getHashLength(&status2);
+			}
+			catch (...)
+			{
+				StatusType::catchException(&status2);
+				return static_cast<int>(0);
+			}
+		}
+
+		static void CLOOP_CARG cloopgetHashDataDispatcher(ICryptKeyCallback* self, IStatus* status, void* hash) CLOOP_NOEXCEPT
+		{
+			StatusType status2(status);
+
+			try
+			{
+				static_cast<Name*>(self)->Name::getHashData(&status2, hash);
+			}
+			catch (...)
+			{
+				StatusType::catchException(&status2);
+			}
+		}
 	};
 
 	template <typename Name, typename StatusType, typename Base = IVersionedImpl<Name, StatusType, Inherit<ICryptKeyCallback> > >
@@ -14429,6 +14541,14 @@ namespace Firebird
 		}
 
 		virtual unsigned callback(unsigned dataLength, const void* data, unsigned bufferLength, void* buffer) = 0;
+		virtual void dummy1(StatusType* status)
+		{
+		}
+		virtual void dummy2()
+		{
+		}
+		virtual int getHashLength(StatusType* status) = 0;
+		virtual void getHashData(StatusType* status, void* hash) = 0;
 	};
 
 	template <typename Name, typename StatusType, typename Base>