From 96bd77de5ad7b7a13f7e48e0f95c05ef49255aa0 Mon Sep 17 00:00:00 2001 From: Mike Kaganski Date: Mon, 13 Sep 2021 11:29:37 +0300 Subject: Use implementing XUnoTunnel part 5 - Revise uses of getSomething to use getFromUnoTunnel Where that is impossible, use getSomething_cast to unify casting, and minimize number of places doing low-level transformations. The change keeps the existing tunnel references that last for the duration of the pointers' life, because sometimes destroying such reference may destroy the pointed object, and result in use after free. Change-Id: I291c33223582c34cd2c763aa8aacf0ae899ca4c0 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/122101 Tested-by: Jenkins Reviewed-by: Mike Kaganski --- xmlsecurity/source/gpg/SecurityEnvironment.cxx | 5 +---- .../mscrypt/securityenvironment_mscryptimpl.cxx | 9 +++----- .../xmlsec/mscrypt/seinitializer_mscryptimpl.cxx | 5 ++--- .../xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx | 8 +++---- .../xmlsec/nss/securityenvironment_nssimpl.cxx | 11 +++------ .../source/xmlsec/nss/seinitializer_nssimpl.cxx | 5 ++--- .../source/xmlsec/nss/xmlsignature_nssimpl.cxx | 26 ++++++++-------------- .../xmlsec/xmldocumentwrapper_xmlsecimpl.cxx | 5 +---- 8 files changed, 25 insertions(+), 49 deletions(-) (limited to 'xmlsecurity') diff --git a/xmlsecurity/source/gpg/SecurityEnvironment.cxx b/xmlsecurity/source/gpg/SecurityEnvironment.cxx index f7b524da6763..941651aaf64b 100644 --- a/xmlsecurity/source/gpg/SecurityEnvironment.cxx +++ b/xmlsecurity/source/gpg/SecurityEnvironment.cxx @@ -220,10 +220,7 @@ sal_Int32 SecurityEnvironmentGpg::verifyCertificate( const Reference< XCertifica sal_Int32 SecurityEnvironmentGpg::getCertificateCharacters( const Reference< XCertificate >& aCert) { - const CertificateImpl* xCert; - Reference< XUnoTunnel > xCertTunnel(aCert, UNO_QUERY_THROW) ; - xCert = reinterpret_cast(sal::static_int_cast(xCertTunnel->getSomething(CertificateImpl::getUnoTunnelId()))) ; - if (xCert == nullptr) + if (comphelper::getFromUnoTunnel(aCert) == nullptr) throw RuntimeException(); // we only listed private keys anyway, up in diff --git a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx index 0a4d9191f366..dfb81ab177ee 100644 --- a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx +++ b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx @@ -573,7 +573,6 @@ uno::Reference< XCertificate > SecurityEnvironment_MSCryptImpl::getCertificate( uno::Sequence< uno::Reference < XCertificate > > SecurityEnvironment_MSCryptImpl::buildCertificatePath( const uno::Reference< XCertificate >& begin ) { PCCERT_CHAIN_CONTEXT pChainContext ; PCCERT_CONTEXT pCertContext ; - const X509Certificate_MSCryptImpl* xcert ; CERT_ENHKEY_USAGE enhKeyUsage ; CERT_USAGE_MATCH certUsage ; @@ -587,7 +586,7 @@ uno::Sequence< uno::Reference < XCertificate > > SecurityEnvironment_MSCryptImpl chainPara.RequestedUsage = certUsage ; uno::Reference< XUnoTunnel > xCertTunnel( begin, uno::UNO_QUERY_THROW ) ; - xcert = reinterpret_cast(xCertTunnel->getSomething( X509Certificate_MSCryptImpl::getUnoTunnelId() )); + const auto* xcert = comphelper::getFromUnoTunnel(xCertTunnel); if( xcert == nullptr ) { throw uno::RuntimeException() ; } @@ -755,8 +754,7 @@ sal_Int32 SecurityEnvironment_MSCryptImpl::verifyCertificate( SAL_INFO("xmlsecurity.xmlsec", "Start verification of certificate: " << aCert->getSubjectName()); - auto xcert = reinterpret_cast - (xCertTunnel->getSomething( X509Certificate_MSCryptImpl::getUnoTunnelId() )); + const auto* xcert = comphelper::getFromUnoTunnel(xCertTunnel); if( xcert == nullptr ) { throw uno::RuntimeException() ; } @@ -913,10 +911,9 @@ sal_Int32 SecurityEnvironment_MSCryptImpl::verifyCertificate( sal_Int32 SecurityEnvironment_MSCryptImpl::getCertificateCharacters( const css::uno::Reference< css::security::XCertificate >& aCert ) { sal_Int32 characters ; PCCERT_CONTEXT pCertContext ; - const X509Certificate_MSCryptImpl* xcert ; uno::Reference< XUnoTunnel > xCertTunnel( aCert, uno::UNO_QUERY_THROW ) ; - xcert = reinterpret_cast(xCertTunnel->getSomething( X509Certificate_MSCryptImpl::getUnoTunnelId() )); + const auto* xcert = comphelper::getFromUnoTunnel(xCertTunnel); if( xcert == nullptr ) { throw uno::RuntimeException() ; } diff --git a/xmlsecurity/source/xmlsec/mscrypt/seinitializer_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/seinitializer_mscryptimpl.cxx index f194106eea5f..e626beeffaaa 100644 --- a/xmlsecurity/source/xmlsec/mscrypt/seinitializer_mscryptimpl.cxx +++ b/xmlsecurity/source/xmlsec/mscrypt/seinitializer_mscryptimpl.cxx @@ -79,7 +79,7 @@ uno::Reference< cssxc::XXMLSecurityContext > SAL_CALL /* Setup key slot and certDb */ uno::Reference< cssl::XUnoTunnel > xSecEnvTunnel( xSecEnv, uno::UNO_QUERY_THROW ); - SecurityEnvironment_MSCryptImpl* pSecEnv = reinterpret_cast(xSecEnvTunnel->getSomething( SecurityEnvironment_MSCryptImpl::getUnoTunnelId() )); + SecurityEnvironment_MSCryptImpl* pSecEnv = comphelper::getFromUnoTunnel(xSecEnvTunnel); if( pSecEnv == nullptr ) { if( n_hStoreHandle != nullptr ) @@ -128,9 +128,8 @@ void SAL_CALL SEInitializer_MSCryptImpl::freeSecurityContext( const uno::Referen if( xSecEnv.is() ) { uno::Reference< cssl::XUnoTunnel > xEnvTunnel( xSecEnv , uno::UNO_QUERY ) ; - if( xEnvTunnel.is() ) + if (auto pSecEnv = comphelper::getFromUnoTunnel(xEnvTunnel)) { - SecurityEnvironment_MSCryptImpl* pSecEnv = ( SecurityEnvironment_MSCryptImpl* )xEnvTunnel->getSomething( SecurityEnvironment_MSCryptImpl::getUnoTunnelId() ) ; HCERTSTORE n_hStoreHandle = pSecEnv->getCryptoSlot(); if( n_hStoreHandle != NULL ) diff --git a/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx index d9b8b1eace68..0d3e72d18dc2 100644 --- a/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx +++ b/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx @@ -101,7 +101,7 @@ SAL_CALL XMLSignature_MSCryptImpl::generate( //Get Keys Manager Reference< XUnoTunnel > xSecTunnel( aEnvironment , UNO_QUERY_THROW ) ; - SecurityEnvironment_MSCryptImpl* pSecEnv = reinterpret_cast(xSecTunnel->getSomething( SecurityEnvironment_MSCryptImpl::getUnoTunnelId() )); + SecurityEnvironment_MSCryptImpl* pSecEnv = comphelper::getFromUnoTunnel(xSecTunnel); if( pSecEnv == nullptr ) throw RuntimeException() ; @@ -112,7 +112,7 @@ SAL_CALL XMLSignature_MSCryptImpl::generate( } Reference< XUnoTunnel > xNodTunnel( xElement , UNO_QUERY_THROW ) ; - XMLElementWrapper_XmlSecImpl* pElement = reinterpret_cast(xNodTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelId() )); + XMLElementWrapper_XmlSecImpl* pElement = comphelper::getFromUnoTunnel(xNodTunnel); if( pElement == nullptr ) { throw RuntimeException() ; } @@ -190,7 +190,7 @@ SAL_CALL XMLSignature_MSCryptImpl::validate( = aSecurityCtx->getSecurityEnvironmentByIndex( aSecurityCtx->getDefaultSecurityEnvironmentIndex()); Reference< XUnoTunnel > xSecTunnel( xSecEnv , UNO_QUERY_THROW ) ; - SecurityEnvironment_MSCryptImpl* pSecEnv = reinterpret_cast(xSecTunnel->getSomething( SecurityEnvironment_MSCryptImpl::getUnoTunnelId() )); + SecurityEnvironment_MSCryptImpl* pSecEnv = comphelper::getFromUnoTunnel(xSecTunnel); if( pSecEnv == nullptr ) throw RuntimeException() ; @@ -200,7 +200,7 @@ SAL_CALL XMLSignature_MSCryptImpl::validate( throw RuntimeException() ; Reference< XUnoTunnel > xNodTunnel( xElement , UNO_QUERY_THROW ) ; - XMLElementWrapper_XmlSecImpl* pElement = reinterpret_cast(xNodTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelId() )); + XMLElementWrapper_XmlSecImpl* pElement = comphelper::getFromUnoTunnel(xNodTunnel); if( pElement == nullptr ) throw RuntimeException() ; diff --git a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx index f3f22330fb42..ee7b884ea343 100644 --- a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx +++ b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx @@ -372,8 +372,7 @@ Sequence< Reference < XCertificate > > SecurityEnvironment_NssImpl::buildCertifi m_xSigningCertificate = begin; Reference< XUnoTunnel > xCertTunnel( begin, UNO_QUERY_THROW ) ; - const X509Certificate_NssImpl* xcert = reinterpret_cast( - sal::static_int_cast(xCertTunnel->getSomething( X509Certificate_NssImpl::getUnoTunnelId() ))) ; + const X509Certificate_NssImpl* xcert = comphelper::getFromUnoTunnel(xCertTunnel); if( xcert == nullptr ) { throw RuntimeException() ; } @@ -503,14 +502,12 @@ verifyCertificate( const Reference< csss::XCertificate >& aCert, const Sequence< Reference< csss::XCertificate > >& intermediateCerts ) { sal_Int32 validity = csss::CertificateValidity::INVALID; - const X509Certificate_NssImpl* xcert ; const CERTCertificate* cert ; Reference< XUnoTunnel > xCertTunnel( aCert, UNO_QUERY_THROW ) ; SAL_INFO("xmlsecurity.xmlsec", "Start verification of certificate: " << aCert->getSubjectName()); - xcert = reinterpret_cast( - sal::static_int_cast(xCertTunnel->getSomething( X509Certificate_NssImpl::getUnoTunnelId() ))) ; + const X509Certificate_NssImpl* xcert = comphelper::getFromUnoTunnel(xCertTunnel); if( xcert == nullptr ) { throw RuntimeException() ; } @@ -720,12 +717,10 @@ verifyCertificate( const Reference< csss::XCertificate >& aCert, sal_Int32 SecurityEnvironment_NssImpl::getCertificateCharacters( const css::uno::Reference< css::security::XCertificate >& aCert ) { sal_Int32 characters ; - const X509Certificate_NssImpl* xcert ; const CERTCertificate* cert ; Reference< XUnoTunnel > xCertTunnel( aCert, UNO_QUERY_THROW ) ; - xcert = reinterpret_cast( - sal::static_int_cast(xCertTunnel->getSomething( X509Certificate_NssImpl::getUnoTunnelId() ))) ; + const X509Certificate_NssImpl* xcert = comphelper::getFromUnoTunnel(xCertTunnel); if( xcert == nullptr ) { throw RuntimeException() ; } diff --git a/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx index 3e59efa48e0d..6ada0522bcd9 100644 --- a/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx +++ b/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx @@ -20,6 +20,7 @@ #include #include #include +#include #include #include "seinitializer_nssimpl.hxx" @@ -58,9 +59,7 @@ uno::Reference< css::xml::crypto::XXMLSecurityContext > SAL_CALL uno::Reference< css::xml::crypto::XSecurityEnvironment > xSecEnv = css::xml::crypto::SecurityEnvironment::create( m_xContext ); uno::Reference< lang::XUnoTunnel > xSecEnvTunnel(xSecEnv, uno::UNO_QUERY_THROW); - SecurityEnvironment_NssImpl* pSecEnv = reinterpret_cast( - sal::static_int_cast( - xSecEnvTunnel->getSomething(SecurityEnvironment_NssImpl::getUnoTunnelId() ))) ; + SecurityEnvironment_NssImpl* pSecEnv = comphelper::getFromUnoTunnel(xSecEnvTunnel); pSecEnv->setCertDb(pCertHandle); sal_Int32 n = xSecCtx->addSecurityEnvironment(xSecEnv); diff --git a/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx index b41d754f7407..3fbece2eb540 100644 --- a/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx +++ b/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx @@ -26,6 +26,7 @@ #include "securityenvironment_nssimpl.hxx" +#include #include #include @@ -108,10 +109,8 @@ SAL_CALL XMLSignature_NssImpl::generate( } Reference< XUnoTunnel > xNodTunnel( xElement , UNO_QUERY_THROW ) ; - XMLElementWrapper_XmlSecImpl* pElement = - reinterpret_cast( - sal::static_int_cast( - xNodTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelId() ))); + XMLElementWrapper_XmlSecImpl* pElement + = comphelper::getFromUnoTunnel(xNodTunnel); if( pElement == nullptr ) { throw RuntimeException() ; } @@ -130,11 +129,8 @@ SAL_CALL XMLSignature_NssImpl::generate( Reference< XUnoTunnel > xSecTunnel( aEnvironment , UNO_QUERY_THROW ) ; // the key manager should be retrieved from SecurityEnvironment, instead of SecurityContext - - SecurityEnvironment_NssImpl* pSecEnv = - reinterpret_cast( - sal::static_int_cast( - xSecTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ))); + SecurityEnvironment_NssImpl* pSecEnv + = comphelper::getFromUnoTunnel(xSecTunnel); if( pSecEnv == nullptr ) throw RuntimeException() ; @@ -196,10 +192,8 @@ SAL_CALL XMLSignature_NssImpl::validate( throw RuntimeException() ; Reference< XUnoTunnel > xNodTunnel( xElement , UNO_QUERY_THROW ) ; - XMLElementWrapper_XmlSecImpl* pElement = - reinterpret_cast( - sal::static_int_cast( - xNodTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelId() ))); + XMLElementWrapper_XmlSecImpl* pElement + = comphelper::getFromUnoTunnel(xNodTunnel); if( pElement == nullptr ) throw RuntimeException() ; @@ -224,10 +218,8 @@ SAL_CALL XMLSignature_NssImpl::validate( //Get Keys Manager Reference< XUnoTunnel > xSecTunnel( aEnvironment , UNO_QUERY_THROW ) ; - SecurityEnvironment_NssImpl* pSecEnv = - reinterpret_cast( - sal::static_int_cast( - xSecTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ))); + SecurityEnvironment_NssImpl* pSecEnv + = comphelper::getFromUnoTunnel(xSecTunnel); if( pSecEnv == nullptr ) throw RuntimeException() ; diff --git a/xmlsecurity/source/xmlsec/xmldocumentwrapper_xmlsecimpl.cxx b/xmlsecurity/source/xmlsec/xmldocumentwrapper_xmlsecimpl.cxx index 430bb996fe21..c648865cae1d 100644 --- a/xmlsecurity/source/xmlsec/xmldocumentwrapper_xmlsecimpl.cxx +++ b/xmlsecurity/source/xmlsec/xmldocumentwrapper_xmlsecimpl.cxx @@ -372,10 +372,7 @@ xmlNodePtr XMLDocumentWrapper_XmlSecImpl::checkElement( const uno::Reference< cs { uno::Reference< css::lang::XUnoTunnel > xNodTunnel( xXMLElement, uno::UNO_QUERY_THROW ) ; XMLElementWrapper_XmlSecImpl* pElement - = reinterpret_cast( - sal::static_int_cast( - xNodTunnel->getSomething( - XMLElementWrapper_XmlSecImpl::getUnoTunnelId() ))) ; + = comphelper::getFromUnoTunnel(xNodTunnel); if( pElement == nullptr ) { throw uno::RuntimeException() ; -- cgit