Merge pull request #1051 from Unity-Technologies/unity-master-fix-potential-unitytls-marshalling-issue-with-size_t

fix potential unitytls marshalling issue with size t

Author: AndreasReich

mcs/class/System/Mono.UnityTls/CertHelper.cs

@@ -1,6 +1,8 @@
 #if SECURITY_DEP
 using System.Security.Cryptography.X509Certificates;
 
+using size_t = System.IntPtr;
+
 namespace Mono.Unity
 {
 	internal unsafe static class CertHelper
@@ -16,7 +18,7 @@ public static void AddCertificateToNativeChain (UnityTls.unitytls_x509list* nati
 		{
 			byte[] certDer = certificate.GetRawCertData ();
 			fixed(byte* certDerPtr = certDer) {
-				UnityTls.NativeInterface.unitytls_x509list_append_der (nativeCertificateChain, certDerPtr, certDer.Length, errorState);
+				UnityTls.NativeInterface.unitytls_x509list_append_der (nativeCertificateChain, certDerPtr, (size_t)certDer.Length, errorState);
 			}
 
 			var certificateImpl2 = certificate.Impl as X509Certificate2Impl;
@@ -34,16 +36,16 @@ public static X509CertificateCollection NativeChainToManagedCollection (UnityTls
 		{
 			X509CertificateCollection certificates = new X509CertificateCollection ();
 
-			var cert = UnityTls.NativeInterface.unitytls_x509list_get_x509 (nativeCertificateChain, 0, errorState);
+			var cert = UnityTls.NativeInterface.unitytls_x509list_get_x509 (nativeCertificateChain, (size_t)0, errorState);
 			for (int i = 0; cert.handle != UnityTls.NativeInterface.UNITYTLS_INVALID_HANDLE; ++i) {
-				size_t certBufferSize = UnityTls.NativeInterface.unitytls_x509_export_der (cert, null, 0, errorState);
-				var certBuffer = new byte[certBufferSize];	// Need to reallocate every time since X509Certificate constructor takes no length but only a byte array.
+				size_t certBufferSize = UnityTls.NativeInterface.unitytls_x509_export_der (cert, null, (size_t)0, errorState);
+				var certBuffer = new byte[(int)certBufferSize];	// Need to reallocate every time since X509Certificate constructor takes no length but only a byte array.
 				fixed(byte* certBufferPtr = certBuffer) {
 					UnityTls.NativeInterface.unitytls_x509_export_der (cert, certBufferPtr, certBufferSize, errorState);
 				}
 				certificates.Add (new X509Certificate (certBuffer));
 
-				cert = UnityTls.NativeInterface.unitytls_x509list_get_x509 (nativeCertificateChain, i, errorState);
+				cert = UnityTls.NativeInterface.unitytls_x509list_get_x509 (nativeCertificateChain, (size_t)i, errorState);
 			}
 
 			return certificates;

mcs/class/System/Mono.UnityTls/UnityTls.cs

@@ -9,23 +9,7 @@ namespace Mono.Unity
     // The aliases here are just there to keep the semantic in the interface and make it more similar to the c original.
     using UInt8 = Byte;
     using Int8 = Byte;
-
-    [StructLayout (LayoutKind.Sequential)]
-    internal struct size_t
-    {
-        public size_t(uint i) {
-            value = new IntPtr(i);
-        }
-
-        public static implicit operator size_t(int d) {
-            return new size_t((uint)d);
-        }
-        public static implicit operator int(size_t s) {
-            return s.value.ToInt32();
-        }
-
-        public IntPtr value;
-    }
+    using size_t = IntPtr;
 
     unsafe internal static partial class UnityTls
     {

mcs/class/System/Mono.UnityTls/UnityTlsContext.cs

@@ -23,6 +23,7 @@
 using Mono.Util;
 
 using Int8 = System.Byte;
+using size_t = System.IntPtr;
 
 namespace Mono.Unity
 {
@@ -110,7 +111,7 @@ public UnityTlsContext (
 			else {
 				byte [] targetHostUtf8 = Encoding.UTF8.GetBytes (targetHost);
 				fixed (byte* targetHostUtf8Ptr = targetHostUtf8) {
-					tlsContext = UnityTls.NativeInterface.unitytls_tlsctx_create_client (protocolRange, callbacks, targetHostUtf8Ptr, targetHostUtf8.Length, &errorState);
+					tlsContext = UnityTls.NativeInterface.unitytls_tlsctx_create_client (protocolRange, callbacks, targetHostUtf8Ptr, (size_t)targetHostUtf8.Length, &errorState);
 				}
 
 				certificateCallback = CertificateCallback;
@@ -121,12 +122,14 @@ public UnityTlsContext (
 			UnityTls.NativeInterface.unitytls_tlsctx_set_x509verify_callback (tlsContext, verifyCallback, (void*)(IntPtr)handle, &errorState);
 
 			Mono.Unity.Debug.CheckAndThrow (errorState, "Failed to create UnityTls context");
-
+			
+			#pragma warning disable CS0162 // Disable unreachable code warning
 			if (ActivateTracing) {
 				traceCallback = TraceCallback;
 				UnityTls.NativeInterface.unitytls_tlsctx_set_trace_callback (tlsContext, traceCallback, null, &errorState);
 				Mono.Unity.Debug.CheckAndThrow (errorState, "Failed to set trace callback");
 			}
+			#pragma warning restore CS0162 // Reenable unreachable code warning.
 
 			hasContext = true;
 		}
@@ -147,7 +150,7 @@ static private void ExtractNativeKeyAndChainFromManagedCertificate(X509Certifica
 
 				byte[] privateKeyDer = PKCS8.PrivateKeyInfo.Encode (cert2.PrivateKey);
 				fixed(byte* privateKeyDerPtr = privateKeyDer) {
-					nativeKey = UnityTls.NativeInterface.unitytls_key_parse_der (privateKeyDerPtr, privateKeyDer.Length, null, 0, errorState);
+					nativeKey = UnityTls.NativeInterface.unitytls_key_parse_der (privateKeyDerPtr, (size_t)privateKeyDer.Length, null, (size_t)0, errorState);
 				}
 			} catch {
 				UnityTls.NativeInterface.unitytls_x509list_free (nativeCertChain);
@@ -190,7 +193,7 @@ public override (int ret, bool wantMore) Read (byte[] buffer, int offset, int co
 			lastException = null;
 			var errorState = UnityTls.NativeInterface.unitytls_errorstate_create ();
 			fixed (byte* bufferPtr = buffer) {
-				numBytesRead = UnityTls.NativeInterface.unitytls_tlsctx_read (tlsContext, bufferPtr + offset, count, &errorState);
+				numBytesRead = (int)UnityTls.NativeInterface.unitytls_tlsctx_read (tlsContext, bufferPtr + offset, (size_t)count, &errorState);
 			}
 			if (lastException != null)
 				throw lastException;
@@ -223,7 +226,7 @@ public override (int ret, bool wantMore) Write (byte[] buffer, int offset, int c
 			lastException = null;
 			var errorState = UnityTls.NativeInterface.unitytls_errorstate_create ();
 			fixed (byte* bufferPtr = buffer) {
-				numBytesWritten = UnityTls.NativeInterface.unitytls_tlsctx_write (tlsContext, bufferPtr + offset, count, &errorState);
+				numBytesWritten = (int)UnityTls.NativeInterface.unitytls_tlsctx_write (tlsContext, bufferPtr + offset, (size_t)count, &errorState);
 			}
 			if (lastException != null)
 				throw lastException;
@@ -304,7 +307,7 @@ public override void StartHandshake ()
 
 				var errorState = UnityTls.NativeInterface.unitytls_errorstate_create ();
 				fixed (UnityTls.unitytls_ciphersuite* ciphersPtr = ciphers)
-					UnityTls.NativeInterface.unitytls_tlsctx_set_supported_ciphersuites (tlsContext, ciphersPtr, ciphers.Length, &errorState);
+					UnityTls.NativeInterface.unitytls_tlsctx_set_supported_ciphersuites (tlsContext, ciphersPtr, (size_t)ciphers.Length, &errorState);
 				Unity.Debug.CheckAndThrow (errorState, "Failed to set list of supported ciphers", AlertDescription.HandshakeFailure);
 			}
 		}
@@ -368,21 +371,21 @@ static private size_t WriteCallback (void* userData, byte* data, size_t bufferLe
 		private size_t WriteCallback (byte* data, size_t bufferLen, UnityTls.unitytls_errorstate* errorState)
 		{
 			try {
-				if (writeBuffer == null || writeBuffer.Length < bufferLen)
-					writeBuffer = new byte[bufferLen];
-				Marshal.Copy ((IntPtr)data, writeBuffer, 0, bufferLen);
+				if (writeBuffer == null || writeBuffer.Length < (int)bufferLen)
+					writeBuffer = new byte[(int)bufferLen];
+				Marshal.Copy ((IntPtr)data, writeBuffer, 0, (int)bufferLen);
 
-				if (!Parent.InternalWrite (writeBuffer, 0, bufferLen)) {
+				if (!Parent.InternalWrite (writeBuffer, 0, (int)bufferLen)) {
 					UnityTls.NativeInterface.unitytls_errorstate_raise_error (errorState, UnityTls.unitytls_error_code.UNITYTLS_USER_WRITE_FAILED);
-					return 0;
+					return (size_t)0;
 				}
 
 				return bufferLen;
 			} catch (Exception ex) { // handle all exceptions and store them for later since we don't want to let them go through native code.
 				UnityTls.NativeInterface.unitytls_errorstate_raise_error (errorState, UnityTls.unitytls_error_code.UNITYTLS_USER_UNKNOWN_ERROR);
 				if (lastException == null)
 					lastException = ex;
-				return 0;
+				return (size_t)0;
 			}
 		}
 
@@ -397,17 +400,17 @@ static private size_t ReadCallback (void* userData, byte* buffer, size_t bufferL
 		private size_t ReadCallback (byte* buffer, size_t bufferLen, UnityTls.unitytls_errorstate* errorState)
 		{
 			try {
-				if (readBuffer == null || readBuffer.Length < bufferLen)
-					readBuffer = new byte [bufferLen];
+				if (readBuffer == null || readBuffer.Length < (int)bufferLen)
+					readBuffer = new byte [(int)bufferLen];
 
 				bool wouldBlock;
-				int numBytesRead = Parent.InternalRead (readBuffer, 0, bufferLen, out wouldBlock);
+				int numBytesRead = Parent.InternalRead (readBuffer, 0, (int)bufferLen, out wouldBlock);
 
 				// Non graceful exit.
 				if (numBytesRead < 0) {
 					UnityTls.NativeInterface.unitytls_errorstate_raise_error (errorState, UnityTls.unitytls_error_code.UNITYTLS_USER_READ_FAILED);
 				} else if (numBytesRead > 0) {
-					Marshal.Copy (readBuffer, 0, (IntPtr)buffer, bufferLen);
+					Marshal.Copy (readBuffer, 0, (IntPtr)buffer, (int)bufferLen);
 				} else  { // numBytesRead == 0
 					// careful when rearranging this: wouldBlock might be true even if stream was closed abruptly. 
 					if (wouldBlock) {
@@ -423,12 +426,12 @@ private size_t ReadCallback (byte* buffer, size_t bufferLen, UnityTls.unitytls_e
 				}
 
 				// Note that UnityTls ignores this number when raising an error.
-				return numBytesRead; 
+				return (size_t)numBytesRead;
 			} catch (Exception ex) { // handle all exceptions and store them for later since we don't want to let them go through native code.
 				UnityTls.NativeInterface.unitytls_errorstate_raise_error (errorState, UnityTls.unitytls_error_code.UNITYTLS_USER_UNKNOWN_ERROR);
 				if (lastException == null)
 					lastException = ex;
-				return 0;
+				return (size_t)0;
 			}
 		}
 
@@ -498,7 +501,7 @@ private void CertificateCallback (UnityTls.unitytls_tlsctx* ctx, Int8* cn, size_
 		[MonoPInvokeCallback (typeof (UnityTls.unitytls_tlsctx_trace_callback))]
 		static private void TraceCallback (void* userData, UnityTls.unitytls_tlsctx* ctx, byte* traceMessage, size_t traceMessageLen)
 		{
-			string message = Encoding.UTF8.GetString (traceMessage, traceMessageLen);
+			string message = Encoding.UTF8.GetString (traceMessage, (int)traceMessageLen);
 			System.Console.Write (message);
 		}
 	}

mcs/class/System/Mono.UnityTls/UnityTlsProvider.cs

@@ -17,6 +17,8 @@
 using Mono.Security.Interface;
 #endif
 
+using size_t = System.IntPtr;
+
 namespace Mono.Unity
 {
 	unsafe internal class UnityTlsProvider : MonoTlsProvider
@@ -93,13 +95,13 @@ internal override bool ValidateCertificate (
 					var trustCAnativeRef = UnityTls.NativeInterface.unitytls_x509list_get_ref (certificatesNative, &errorState);
 
 					fixed (byte* targetHostUtf8Ptr = targetHostUtf8) {
-						result = UnityTls.NativeInterface.unitytls_x509verify_explicit_ca (certificatesNativeRef, trustCAnativeRef, targetHostUtf8Ptr, targetHostUtf8.Length, null, null, &errorState);
+						result = UnityTls.NativeInterface.unitytls_x509verify_explicit_ca (certificatesNativeRef, trustCAnativeRef, targetHostUtf8Ptr, (size_t)targetHostUtf8.Length, null, null, &errorState);
 					}
 
 					UnityTls.NativeInterface.unitytls_x509list_free (trustCAnative);
 				} else {
 					fixed (byte* targetHostUtf8Ptr = targetHostUtf8) {
-						result = UnityTls.NativeInterface.unitytls_x509verify_default_ca (certificatesNativeRef, targetHostUtf8Ptr, targetHostUtf8.Length, null, null, &errorState);
+						result = UnityTls.NativeInterface.unitytls_x509verify_default_ca (certificatesNativeRef, targetHostUtf8Ptr, (size_t)targetHostUtf8.Length, null, null, &errorState);
 					}
 				}
 			}