Fix data err (#402)

LowEntropyBody · Checkcheckthis · web-flow · commit 6faccbfa05e5 · 2021-10-14T10:59:38.000+08:00
* Fix data process error

* fix error

* fix error

* fix error

* fix data error

Co-authored-by: Checkcheckthis &lt;2452504518@qq.com&gt;
diff --git a/src/app/http/ApiHandler.h b/src/app/http/ApiHandler.h
@@ -1040,79 +1040,90 @@ void ApiHandler::http_handler(beast::string_view /*doc_root*/,
                 // ----- Unseal file ----- //
                 crust_status_t crust_status = CRUST_SUCCESS;
                 sgx_status_t sgx_status = SGX_SUCCESS;
-                if (!is_file_exist(index_path.c_str(), STORE_TYPE_FILE))
+                if (index_path == EMPTY_BLOCK_FLAG)
                 {
-                    std::string cid_header = index_path.substr(0, index_path.find_last_of('/'));
-                    if (cid_header.size() <= UUID_LENGTH * 2)
-                    {
-                        ret_info = "Malwared index path:" + index_path;
-                        ret_code = 404;
-                    }
-                    else
+                    ret_info = "Unseal data successfully!";
+                    ret_code = 200;
+                    res.body().clear();
+                    res.result(ret_code);
+                }
+                else
+                {
+                    if (!is_file_exist(index_path.c_str(), STORE_TYPE_FILE))
                     {
-                        std::string cid = cid_header.substr(UUID_LENGTH * 2, cid_header.size() - (UUID_LENGTH * 2));
-                        std::string type;
-                        bool exist = ed->find_file_type(cid, type);
-                        if (!exist || (exist && type.compare(FILE_TYPE_PENDING) == 0))
+                        std::string cid_header = index_path.substr(0, index_path.find_last_of('/'));
+                        if (cid_header.size() <= UUID_LENGTH * 2)
                         {
-                            ret_info = "Requested cid:'" + cid + "' is not existed.";
+                            ret_info = "Malwared index path:" + index_path;
                             ret_code = 404;
                         }
                         else
                         {
-                            ret_info = "File block:'" + index_path + "' is lost";
-                            ret_code = 410;
+                            std::string cid = cid_header.substr(UUID_LENGTH * 2, cid_header.size() - (UUID_LENGTH * 2));
+                            std::string type;
+                            bool exist = ed->find_file_type(cid, type);
+                            if (!exist || (exist && type.compare(FILE_TYPE_PENDING) == 0))
+                            {
+                                ret_info = "Requested cid:'" + cid + "' is not existed.";
+                                ret_code = 404;
+                            }
+                            else
+                            {
+                                ret_info = "File block:'" + index_path + "' is lost";
+                                ret_code = 410;
+                            }
                         }
-                    }
-                    p_log->debug("%s\n", ret_info.c_str());
-                }
-                else
-                {
-                    size_t decrypted_data_sz = get_file_size(index_path.c_str(), STORE_TYPE_FILE);
-                    uint8_t *p_decrypted_data = (uint8_t *)malloc(decrypted_data_sz);
-                    size_t decrypted_data_sz_r = 0;
-                    memset(p_decrypted_data, 0, decrypted_data_sz);
-                    Defer def_decrypted_data([&p_decrypted_data](void) { free(p_decrypted_data); });
-                    if (SGX_SUCCESS != (sgx_status = Ecall_unseal_file(global_eid, &crust_status, index_path.c_str(), p_decrypted_data, decrypted_data_sz, &decrypted_data_sz_r)))
-                    {
-                        ret_info = "Unseal failed! Invoke SGX API failed! Error code:" + num_to_hexstring(sgx_status);
-                        p_log->err("%s\n", ret_info.c_str());
-                        ret_code = 500;
+                        p_log->debug("%s\n", ret_info.c_str());
                     }
                     else
                     {
-                        if (CRUST_SUCCESS == crust_status)
+                        size_t decrypted_data_sz = get_file_size(index_path.c_str(), STORE_TYPE_FILE);
+                        uint8_t *p_decrypted_data = (uint8_t *)malloc(decrypted_data_sz);
+                        size_t decrypted_data_sz_r = 0;
+                        memset(p_decrypted_data, 0, decrypted_data_sz);
+                        Defer def_decrypted_data([&p_decrypted_data](void) { free(p_decrypted_data); });
+                        if (SGX_SUCCESS != (sgx_status = Ecall_unseal_file(global_eid, &crust_status, index_path.c_str(), p_decrypted_data, decrypted_data_sz, &decrypted_data_sz_r)))
                         {
-                            ret_info = "Unseal data successfully!";
-                            ret_code = 200;
-                            //p_log->info("%s\n", ret_info.c_str());
-                            res.body().clear();
-                            res.body().append(reinterpret_cast<char *>(p_decrypted_data), decrypted_data_sz_r);
-                            res.result(ret_code);
+                            ret_info = "Unseal failed! Invoke SGX API failed! Error code:" + num_to_hexstring(sgx_status);
+                            p_log->err("%s\n", ret_info.c_str());
+                            ret_code = 500;
                         }
                         else
                         {
-                            switch (crust_status)
+                            if (CRUST_SUCCESS == crust_status)
                             {
-                            case CRUST_UNSEAL_DATA_FAILED:
-                                ret_info = "Unseal data failed! SGX unseal data failed!";
-                                p_log->err("%s\n", ret_info.c_str());
-                                ret_code = 400;
-                                break;
-                            case CRUST_UPGRADE_IS_UPGRADING:
-                                ret_info = "Unseal file stoped due to upgrading or exiting";
-                                p_log->info("%s\n", ret_info.c_str());
-                                ret_code = 503;
-                                break;
-                            default:
-                                ret_info = "Unseal data failed! Error code:" + num_to_hexstring(crust_status);
-                                p_log->err("%s\n", ret_info.c_str());
-                                ret_code = 404;
+                                ret_info = "Unseal data successfully!";
+                                ret_code = 200;
+                                //p_log->info("%s\n", ret_info.c_str());
+                                res.body().clear();
+                                res.body().append(reinterpret_cast<char *>(p_decrypted_data), decrypted_data_sz_r);
+                                res.result(ret_code);
+                            }
+                            else
+                            {
+                                switch (crust_status)
+                                {
+                                case CRUST_UNSEAL_DATA_FAILED:
+                                    ret_info = "Unseal data failed! SGX unseal data failed!";
+                                    p_log->err("%s\n", ret_info.c_str());
+                                    ret_code = 400;
+                                    break;
+                                case CRUST_UPGRADE_IS_UPGRADING:
+                                    ret_info = "Unseal file stoped due to upgrading or exiting";
+                                    p_log->info("%s\n", ret_info.c_str());
+                                    ret_code = 503;
+                                    break;
+                                default:
+                                    ret_info = "Unseal data failed! Error code:" + num_to_hexstring(crust_status);
+                                    p_log->err("%s\n", ret_info.c_str());
+                                    ret_code = 404;
+                                }
                             }
                         }
                     }
                 }
             }
+
             if (200 != ret_code)
             {
                 json::JSON ret_body;
diff --git a/src/enclave/include/Parameter.h b/src/enclave/include/Parameter.h
@@ -12,6 +12,8 @@ typedef sgx_status_t (*ocall_get2_f)(crust_status_t *status, uint8_t *u, size_t
 // For all
 #define SWORKER_VERSION "1.1.0"
 #define LEAF_SEPARATOR  "+leaf+"
+#define EMPTY_BLOCK_CID "QmdfTbBqBPQ7VNxZEYEj14VmRuZBkqFbiwReogJgS1zR1n"
+#define EMPTY_BLOCK_FLAG "empty"
 
 // For enclave metadata
 #define ID_METADATA "metadata"
diff --git a/src/enclave/storage/Storage.cpp b/src/enclave/storage/Storage.cpp
@@ -93,7 +93,16 @@ crust_status_t storage_seal_file(const char *root,
     // If file transfer completed
     if (p_plain_data == NULL || plain_data_sz == 0)
     {
-        return CRUST_STORAGE_UNEXPECTED_FILE_BLOCK;
+        SafeLock sl_files_info(wl->pending_files_um_mutex);
+        sl_files_info.lock();
+        if (wl->pending_files_um.find(rcid) == wl->pending_files_um.end()) 
+        {
+            return CRUST_STORAGE_NEW_FILE_NOTFOUND;
+        }
+        wl->pending_files_um[rcid][FILE_BLOCKS][EMPTY_BLOCK_CID].AddNum(-1);
+        sl_files_info.unlock();
+        memcpy(path, EMPTY_BLOCK_FLAG, std::strlen(EMPTY_BLOCK_FLAG));
+        return CRUST_SUCCESS;
     }
 
     crust_status_t seal_ret = CRUST_UNEXPECTED_ERROR;
@@ -576,14 +585,28 @@ crust_status_t check_seal_file_dup(std::string cid)
  * @param hashs -> Return hashs, which need to be released when used up
  * @return: Status
  */
-crust_status_t get_hashs_from_block(const uint8_t *block_data, size_t block_size, std::vector<uint8_t *> &hashs)
+crust_status_t get_hashs_from_block(const uint8_t *block_data, size_t bs, std::vector<uint8_t *> &hashs)
 {
-    if (block_data == NULL || block_size == 0)
+    if (block_data == NULL || bs == 0)
     {
-        return CRUST_STORAGE_EMPTY_BLOCK;
+        return CRUST_SUCCESS;
     }
 
-    size_t index = 0;
+    int block_size = int(bs);
+    int index = 0;
+    bool is_err = false;
+
+    Defer def_plain_data([&hashs, &is_err](void) {
+        if (is_err)
+        {
+            for (size_t i = 0; i < hashs.size(); i++)
+            {
+                free(hashs[i]);
+            }
+            hashs.clear();
+        }
+    });
+
     while (index < block_size)
     {
         // Skip link header
@@ -594,33 +617,35 @@ crust_status_t get_hashs_from_block(const uint8_t *block_data, size_t block_size
         index++;
 
         // Get all link size
-        uint32_t link_size = 0;
+        int link_size = 0;
         for (uint8_t shift = 0;;shift += 7)
         {
             if(shift >= 64)
             {
-                return CRUST_UNEXPECTED_ERROR;
+                is_err = true;
+                return CRUST_SUCCESS;
             }
 
             if(index >= block_size)
             {
-                return CRUST_UNEXPECTED_ERROR;
+                is_err = true;
+                return CRUST_SUCCESS;
             }
 
             uint8_t b = block_data[index];
             index++;
-            link_size |= uint32_t(b&0x7F) << shift;
+            link_size |= int(b&0x7F) << shift;
             if(b < 0x80)
             {
                 break;
             }
         }
 
-        if (index + link_size >= block_size)
+        if (link_size < 0 || index + link_size < 0 || index + link_size >= block_size)
         {
+            is_err = true;
             break;
         }
-        
         size_t index_header = index;
 
         // Skip link hash header
@@ -631,41 +656,46 @@ crust_status_t get_hashs_from_block(const uint8_t *block_data, size_t block_size
         index++;
 
         // Get link hash size
-        uint32_t hash_with_prefix_size = 0;
+        int hash_with_prefix_size = 0;
         for (uint8_t shift = 0;;shift += 7)
         {
             if (shift >= 64)
             {
-                return CRUST_UNEXPECTED_ERROR;
+                is_err = true;
+                return CRUST_SUCCESS;
             }
 
             if(index >= block_size)
             {
-                return CRUST_UNEXPECTED_ERROR;
+                is_err = true;
+                return CRUST_SUCCESS;
             }
 
             uint8_t b = block_data[index];
             index++;
-            hash_with_prefix_size |= uint32_t(b&0x7F) << shift;
+            hash_with_prefix_size |= int(b&0x7F) << shift;
             if(b < 0x80)
             {
                 break;
             }
         }
 
+        if (hash_with_prefix_size < 0 || index + hash_with_prefix_size < HASH_LENGTH + 2 || index + hash_with_prefix_size >= block_size)
+        {
+            is_err = true;
+            break;
+        }
+
         if (block_data[index + hash_with_prefix_size - HASH_LENGTH - 1] != 0x20 || block_data[index + hash_with_prefix_size - HASH_LENGTH - 2] != 0x12)
         {
+            is_err = true;
             break;
         }
-        
+
         uint8_t* hash = (uint8_t *)enc_malloc(HASH_LENGTH);
         if (hash == NULL)
         {
-            for (size_t i = 0; i < hashs.size(); i++)
-            {
-                free(hashs[i]);
-            }
-            hashs.clear();
+            is_err = true;
             return CRUST_MALLOC_FAILED;
         }
 

Original file line number	Diff line number	Diff line change
`@@ -93,7 +93,16 @@ crust_status_t storage_seal_file(const char *root,`
`93`	`93`	`// If file transfer completed`
`94`	`94`	`if (p_plain_data == NULL \|\| plain_data_sz == 0)`
`95`	`95`	`{`
`96`		`- return CRUST_STORAGE_UNEXPECTED_FILE_BLOCK;`
	`96`	`+ SafeLock sl_files_info(wl->pending_files_um_mutex);`
	`97`	`+ sl_files_info.lock();`
	`98`	`+ if (wl->pending_files_um.find(rcid) == wl->pending_files_um.end())`
	`99`	`+ {`
	`100`	`+ return CRUST_STORAGE_NEW_FILE_NOTFOUND;`
	`101`	`+ }`
	`102`	`+ wl->pending_files_um[rcid][FILE_BLOCKS][EMPTY_BLOCK_CID].AddNum(-1);`
	`103`	`+ sl_files_info.unlock();`
	`104`	`+ memcpy(path, EMPTY_BLOCK_FLAG, std::strlen(EMPTY_BLOCK_FLAG));`
	`105`	`+ return CRUST_SUCCESS;`
`97`	`106`	`}`
`98`	`107`
`99`	`108`	`crust_status_t seal_ret = CRUST_UNEXPECTED_ERROR;`
`@@ -576,14 +585,28 @@ crust_status_t check_seal_file_dup(std::string cid)`
`576`	`585`	`* @param hashs -> Return hashs, which need to be released when used up`
`577`	`586`	`* @return: Status`
`578`	`587`	`*/`
`579`		`-crust_status_t get_hashs_from_block(const uint8_t block_data, size_t block_size, std::vector<uint8_t > &hashs)`
	`588`	`+crust_status_t get_hashs_from_block(const uint8_t block_data, size_t bs, std::vector<uint8_t > &hashs)`
`580`	`589`	`{`
`581`		`- if (block_data == NULL \|\| block_size == 0)`
	`590`	`+ if (block_data == NULL \|\| bs == 0)`
`582`	`591`	`{`
`583`		`- return CRUST_STORAGE_EMPTY_BLOCK;`
	`592`	`+ return CRUST_SUCCESS;`
`584`	`593`	`}`
`585`	`594`
`586`		`- size_t index = 0;`
	`595`	`+ int block_size = int(bs);`
	`596`	`+ int index = 0;`
	`597`	`+ bool is_err = false;`
	`598`	`+`
	`599`	`+ Defer def_plain_data([&hashs, &is_err](void) {`
	`600`	`+ if (is_err)`
	`601`	`+ {`
	`602`	`+ for (size_t i = 0; i < hashs.size(); i++)`
	`603`	`+ {`
	`604`	`+ free(hashs[i]);`
	`605`	`+ }`
	`606`	`+ hashs.clear();`
	`607`	`+ }`
	`608`	`+ });`
	`609`	`+`
`587`	`610`	`while (index < block_size)`
`588`	`611`	`{`
`589`	`612`	`// Skip link header`
`@@ -594,33 +617,35 @@ crust_status_t get_hashs_from_block(const uint8_t *block_data, size_t block_size`
`594`	`617`	`index++;`
`595`	`618`
`596`	`619`	`// Get all link size`
`597`		`- uint32_t link_size = 0;`
	`620`	`+ int link_size = 0;`
`598`	`621`	`for (uint8_t shift = 0;;shift += 7)`
`599`	`622`	`{`
`600`	`623`	`if(shift >= 64)`
`601`	`624`	`{`
`602`		`- return CRUST_UNEXPECTED_ERROR;`
	`625`	`+ is_err = true;`
	`626`	`+ return CRUST_SUCCESS;`
`603`	`627`	`}`
`604`	`628`
`605`	`629`	`if(index >= block_size)`
`606`	`630`	`{`
`607`		`- return CRUST_UNEXPECTED_ERROR;`
	`631`	`+ is_err = true;`
	`632`	`+ return CRUST_SUCCESS;`
`608`	`633`	`}`
`609`	`634`
`610`	`635`	`uint8_t b = block_data[index];`
`611`	`636`	`index++;`
`612`		`- link_size \|= uint32_t(b&0x7F) << shift;`
	`637`	`+ link_size \|= int(b&0x7F) << shift;`
`613`	`638`	`if(b < 0x80)`
`614`	`639`	`{`
`615`	`640`	`break;`
`616`	`641`	`}`
`617`	`642`	`}`
`618`	`643`
`619`		`- if (index + link_size >= block_size)`
	`644`	`+ if (link_size < 0 \|\| index + link_size < 0 \|\| index + link_size >= block_size)`
`620`	`645`	`{`
	`646`	`+ is_err = true;`
`621`	`647`	`break;`
`622`	`648`	`}`
`623`		`-`
`624`	`649`	`size_t index_header = index;`
`625`	`650`
`626`	`651`	`// Skip link hash header`
`@@ -631,41 +656,46 @@ crust_status_t get_hashs_from_block(const uint8_t *block_data, size_t block_size`
`631`	`656`	`index++;`
`632`	`657`
`633`	`658`	`// Get link hash size`
`634`		`- uint32_t hash_with_prefix_size = 0;`
	`659`	`+ int hash_with_prefix_size = 0;`
`635`	`660`	`for (uint8_t shift = 0;;shift += 7)`
`636`	`661`	`{`
`637`	`662`	`if (shift >= 64)`
`638`	`663`	`{`
`639`		`- return CRUST_UNEXPECTED_ERROR;`
	`664`	`+ is_err = true;`
	`665`	`+ return CRUST_SUCCESS;`
`640`	`666`	`}`
`641`	`667`
`642`	`668`	`if(index >= block_size)`
`643`	`669`	`{`
`644`		`- return CRUST_UNEXPECTED_ERROR;`
	`670`	`+ is_err = true;`
	`671`	`+ return CRUST_SUCCESS;`
`645`	`672`	`}`
`646`	`673`
`647`	`674`	`uint8_t b = block_data[index];`
`648`	`675`	`index++;`
`649`		`- hash_with_prefix_size \|= uint32_t(b&0x7F) << shift;`
	`676`	`+ hash_with_prefix_size \|= int(b&0x7F) << shift;`
`650`	`677`	`if(b < 0x80)`
`651`	`678`	`{`
`652`	`679`	`break;`
`653`	`680`	`}`
`654`	`681`	`}`
`655`	`682`
	`683`	`+ if (hash_with_prefix_size < 0 \|\| index + hash_with_prefix_size < HASH_LENGTH + 2 \|\| index + hash_with_prefix_size >= block_size)`
	`684`	`+ {`
	`685`	`+ is_err = true;`
	`686`	`+ break;`
	`687`	`+ }`
	`688`	`+`
`656`	`689`	`if (block_data[index + hash_with_prefix_size - HASH_LENGTH - 1] != 0x20 \|\| block_data[index + hash_with_prefix_size - HASH_LENGTH - 2] != 0x12)`
`657`	`690`	`{`
	`691`	`+ is_err = true;`
`658`	`692`	`break;`
`659`	`693`	`}`
`660`		`-`
	`694`	`+`
`661`	`695`	`uint8_t* hash = (uint8_t *)enc_malloc(HASH_LENGTH);`
`662`	`696`	`if (hash == NULL)`
`663`	`697`	`{`
`664`		`- for (size_t i = 0; i < hashs.size(); i++)`
`665`		`- {`
`666`		`- free(hashs[i]);`
`667`		`- }`
`668`		`- hashs.clear();`
	`698`	`+ is_err = true;`
`669`	`699`	`return CRUST_MALLOC_FAILED;`
`670`	`700`	`}`
`671`	`701`