feat: use distinct type for payload of SecretStorage, so that you can't use a string without manual conversion

Author: Totto16

src/lobby/api.cpp

@@ -59,7 +59,7 @@ lobby::API::API(const std::string& api_url)
     auto value = m_secret_storage->load(constants::api_token_key);
 
     if (value.has_value()) {
-        if (not this->setup_authentication(value.value())) {
+        if (not this->setup_authentication(value.value().as_string())) {
             throw std::runtime_error("Couldn't setup authentication");
         }
     } else {
@@ -275,7 +275,7 @@ bool lobby::API::setup_authentication(const std::string& token) {
     m_authentication_token = token;
 
     m_client->SetBearerAuth(token);
-    if (auto result = m_secret_storage->store(constants::api_token_key, token); result.has_value()) {
+    if (auto result = m_secret_storage->store(constants::api_token_key, secret::Buffer{ token }); result.has_value()) {
         spdlog::error("API {}", result.value());
     }
 

src/lobby/credentials/buffer.cpp

@@ -0,0 +1,52 @@
+
+
+
+#include "./buffer.hpp"
+
+
+secret::Buffer::Buffer(const std::string& data) : m_size{ data.size() } {
+    if (m_size == 0) {
+        return;
+    }
+
+    m_data = new std::byte[m_size]; //NOLINT(cppcoreguidelines-owning-memory)
+    std::memcpy(this->m_data, data.data(), m_size);
+}
+
+secret::Buffer::Buffer(std::byte* data, std::size_t size) : m_size{ size } {
+    if (m_size == 0) {
+        return;
+    }
+
+    m_data = new std::byte[m_size]; //NOLINT(cppcoreguidelines-owning-memory)
+    std::memcpy(this->m_data, data, m_size);
+}
+
+secret::Buffer::~Buffer() {
+    if (m_data != nullptr && m_size != 0) {
+        delete[] m_data;
+    }
+}
+
+secret::Buffer::Buffer(Buffer&& other) noexcept : m_data{ other.m_data }, m_size{ other.m_size } {
+    other.m_size = 0;
+    other.m_data = nullptr;
+}
+
+
+[[nodiscard]] std::string secret::Buffer::as_string() const {
+    return std::string{
+        reinterpret_cast<char*>(m_data), //NOLINT(cppcoreguidelines-pro-type-reinterpret-cast)
+        reinterpret_cast<char*>(m_data   //NOLINT(cppcoreguidelines-pro-type-reinterpret-cast)
+        ) + m_size //NOLINT(cppcoreguidelines-pro-bounds-pointer-arithmetic,coreguidelines-pro-type-reinterpret-cast)
+    };
+}
+
+
+[[nodiscard]] std::byte* secret::Buffer::data() const {
+    return m_data;
+}
+
+[[nodiscard]] std::size_t secret::Buffer::size() const {
+    return m_size;
+}

src/lobby/credentials/buffer.hpp

@@ -0,0 +1,44 @@
+
+
+#pragma once
+
+#include <cstring>
+#include <string>
+
+#include "helper/windows.hpp"
+
+namespace secret {
+    struct Buffer {
+    private:
+        std::byte* m_data{ nullptr };
+        std::size_t m_size;
+
+    public:
+        OOPETRIS_GRAPHICS_EXPORTED explicit Buffer(const std::string& data);
+        OOPETRIS_GRAPHICS_EXPORTED explicit Buffer(std::byte* data, std::size_t size);
+        template<std::size_t A>
+        OOPETRIS_GRAPHICS_EXPORTED explicit Buffer(std::array<std::byte, A> data) : m_size{ data.size() } {
+            if (m_size == 0) {
+                return;
+            }
+
+            m_data = new std::byte[m_size]; //NOLINT(cppcoreguidelines-owning-memory)
+            std::memcpy(this->m_data, data, m_size);
+        }
+
+        OOPETRIS_GRAPHICS_EXPORTED ~Buffer();
+
+        OOPETRIS_GRAPHICS_EXPORTED Buffer(const Buffer& other) = delete;
+        OOPETRIS_GRAPHICS_EXPORTED Buffer& operator=(const Buffer& other) = delete;
+
+        OOPETRIS_GRAPHICS_EXPORTED Buffer(Buffer&& other) noexcept;
+        OOPETRIS_GRAPHICS_EXPORTED Buffer& operator=(Buffer&& other) noexcept = delete;
+
+        [[nodiscard]] std::string as_string() const;
+
+        [[nodiscard]] std::byte* data() const;
+
+        [[nodiscard]] std::size_t size() const;
+    };
+
+} // namespace secret

src/lobby/credentials/meson.build

@@ -1,4 +1,6 @@
 graphics_src_files += files(
+    'buffer.cpp',
+    'buffer.hpp',
     'secret.cpp',
     'secret.hpp',
 )

src/lobby/credentials/secret.cpp

@@ -63,13 +63,13 @@ secret::SecretStorage::SecretStorage(KeyringType type) : m_type{ type } {
     }
 }
 
-secret::SecretStorage::~SecretStorage() = default;
+secret::SecretStorage::~SecretStorage() = default; //NOLINT(performance-trivially-destructible)
 
 secret::SecretStorage::SecretStorage(SecretStorage&& other) noexcept
     : m_type{ other.m_type },
       m_ring_id{ other.m_ring_id } { }
 
-[[nodiscard]] helper::expected<std::string, std::string> secret::SecretStorage::load(const std::string& key) const {
+[[nodiscard]] helper::expected<secret::Buffer, std::string> secret::SecretStorage::load(const std::string& key) const {
 
     auto key_id = get_id_from_name(m_ring_id, key);
 
@@ -90,19 +90,17 @@ secret::SecretStorage::SecretStorage(SecretStorage&& other) noexcept
         };
     }
 
-    auto result_string = std::string{
-        static_cast<char*>(buffer),
-        static_cast<char*>(buffer) + result //NOLINT(cppcoreguidelines-pro-bounds-pointer-arithmetic)
-    };
+
+    auto result_buffer =
+            Buffer{ reinterpret_cast<std::byte*>(buffer), //NOLINT(cppcoreguidelines-pro-type-reinterpret-cast)
+                    static_cast<std::size_t>(result) };
+
     free(buffer); // NOLINT(cppcoreguidelines-no-malloc,cppcoreguidelines-owning-memory)
-    return result_string;
+    return result_buffer;
 }
 
-[[nodiscard]] std::optional<std::string> secret::SecretStorage::store(
-        const std::string& key, //NOLINT(bugprone-easily-swappable-parameters)
-        const std::string& value,
-        bool update
-) const {
+[[nodiscard]] std::optional<std::string>
+secret::SecretStorage::store(const std::string& key, const Buffer& value, bool update) const {
 
     auto key_id = get_id_from_name(m_ring_id, key);
 
@@ -113,7 +111,7 @@ secret::SecretStorage::SecretStorage(SecretStorage&& other) noexcept
 
     auto full_key = get_key_name(key);
 
-    auto new_id = add_key(constants::key_type_user, full_key.c_str(), value.c_str(), value.size(), m_ring_id);
+    auto new_id = add_key(constants::key_type_user, full_key.c_str(), value.data(), value.size(), m_ring_id);
 
     if (new_id < 0) {
         return fmt::format("Error while storing a key, can't add the key: {}", strerror(errno));
@@ -235,7 +233,7 @@ secret::SecretStorage::SecretStorage(SecretStorage&& other) noexcept
 }
 
 
-[[nodiscard]] helper::expected<std::string, std::string> secret::SecretStorage::load(const std::string& key) const {
+[[nodiscard]] helper::expected<secret::Buffer, std::string> secret::SecretStorage::load(const std::string& key) const {
 
     auto maybe_key_handle = get_handle_from_name(m_type, m_phProvider, key);
 
@@ -281,15 +279,18 @@ secret::SecretStorage::SecretStorage(SecretStorage&& other) noexcept
 
     NCryptFreeObject(key_handle);
 
-    auto result_string = std::string{ reinterpret_cast<char*>(buffer), reinterpret_cast<char*>(buffer) + bytes_needed };
+    auto result_buffer =
+            Buffer{ reinterpret_cast<std::byte*>(buffer), //NOLINT(cppcoreguidelines-pro-type-reinterpret-cast)
+                    static_cast<std::size_t>(bytes_needed) };
+
 
     delete[] buffer;
 
-    return result_string;
+    return result_buffer;
 }
 
 [[nodiscard]] std::optional<std::string>
-secret::SecretStorage::store(const std::string& key, const std::string& value, bool update) const {
+secret::SecretStorage::store(const std::string& key, const Buffer& value, bool update) const {
 
     NCRYPT_KEY_HANDLE key_handle{};
 
@@ -317,7 +318,7 @@ secret::SecretStorage::store(const std::string& key, const std::string& value, b
 
     PBYTE buffer = new BYTE[value.size()];
 
-    std::memcpy(buffer, value.c_str(), value.size());
+    std::memcpy(buffer, value.data(), value.size());
 
     auto result2 =
             NCryptSetProperty(key_handle, constants::property_name, buffer, static_cast<DWORD>(value.size()), flags2);
@@ -403,7 +404,7 @@ secret::SecretStorage::SecretStorage(SecretStorage&& other) noexcept
       m_file_path{ other.m_file_path } { }
 
 
-[[nodiscard]] helper::expected<std::string, std::string> secret::SecretStorage::load(const std::string& key) const {
+[[nodiscard]] helper::expected<secret::Buffer, std::string> secret::SecretStorage::load(const std::string& key) const {
 
     auto maybe_json_value = get_json_from_file(m_file_path);
 
@@ -421,11 +422,13 @@ secret::SecretStorage::SecretStorage(SecretStorage&& other) noexcept
 
     json_value.at(key).get_to(result);
 
-    return result;
+    auto result_buffer = Buffer{ result };
+
+    return result_buffer;
 }
 
 [[nodiscard]] std::optional<std::string>
-secret::SecretStorage::store(const std::string& key, const std::string& value, bool update) const {
+secret::SecretStorage::store(const std::string& key, const Buffer& value, bool update) const {
 
     auto maybe_json_value = get_json_from_file(m_file_path);
 
@@ -440,7 +443,7 @@ secret::SecretStorage::store(const std::string& key, const std::string& value, b
     }
 
 
-    json_value.at(key) = value;
+    json_value.at(key) = value.as_string();
 
     return json::try_write_json_to_file(m_file_path, json_value, true);
 }

src/lobby/credentials/secret.hpp

@@ -7,8 +7,10 @@
 #include <core/helper/expected.hpp>
 #include <core/helper/types.hpp>
 
+#include "./buffer.hpp"
 #include "helper/windows.hpp"
 
+
 #if defined(__linux__)
 
 #include <keyutils.h>
@@ -49,11 +51,11 @@ namespace secret {
         OOPETRIS_GRAPHICS_EXPORTED SecretStorage(SecretStorage&& other) noexcept;
         OOPETRIS_GRAPHICS_EXPORTED SecretStorage& operator=(SecretStorage&& other) noexcept = delete;
 
-        OOPETRIS_GRAPHICS_EXPORTED [[nodiscard]] helper::expected<std::string, std::string> load(const std::string& key
+        OOPETRIS_GRAPHICS_EXPORTED [[nodiscard]] helper::expected<Buffer, std::string> load(const std::string& key
         ) const;
 
         OOPETRIS_GRAPHICS_EXPORTED [[nodiscard]] std::optional<std::string>
-        store(const std::string& key, const std::string& value, bool update = true) const;
+        store(const std::string& key, const Buffer& value, bool update = true) const;
 
         OOPETRIS_GRAPHICS_EXPORTED [[nodiscard]] std::optional<std::string> remove(const std::string& key) const;
     };