Hi Dave,
On 1/28/2022 11:06 AM, Dave Hansen wrote:
On 1/28/22 10:23, Reinette Chatre wrote:
In support of debugging the SGX tests print details from the enclave and its memory mappings if any failure is encountered during enclave loading.
When a failure is encountered no data is printed because the printing of the data is preceded by cleanup of the data.
Move the data cleanup after the data print.
Isn't it worse than that?
err:
- encl_delete(encl);
- for (i = 0; i < encl->nr_segments; i++) { seg = &encl->segment_tbl[i];
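Review bot: the changelog should say why nothing is printed when encl_delete(encl) runs ahead of the loop at err:. encl_delete() ends with memset(encl, 0, sizeof(*encl)), so encl->nr_segments reads 0 and the loop body never executes; stating that in the commit message would settle the use-after-free question for later readers. A one-line comment at err: noting that the dump has to come before encl_delete(encl) would also keep the order from being swapped back.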
encl_delete() does:
free(encl->segment_tbl);
but doesn't zero encl->nr_segments from what I can see. That seems like a use-after-free.
encl_delete() ends with:
memset(encl, 0, sizeof(*encl));
that will zero encl->nr_segments.
Even so, (after this change) the function to which this change belongs flows as follows:
setup_test_encl()
{
	...
	if (!encl_load("test_encl.elf", encl, heap_size)) {
		encl_delete(encl);
		...
		return false;
	}
	<===
	/*
	 * At this point, because encl_load() succeeded,
	 * encl->segment_tbl and encl->nr_segments will
	 * be valid.
	 */

	/*
	 * Further initialization code, any of which can
	 * "goto err" on failure.
	 */

err:
	/* encl->segment_tbl and encl->nr_segments are valid for use */
	...
	encl_delete();
	/* encl->segment_tbl and encl->nr_segments are NOT valid for use */
	return false;
}
Seems like we need to really run the selftest under valgrind.
Reinette
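
Added example, not part of the original message and not the selftest's code: a small C model of the two orderings discussed in this thread, showing that a delete routine which frees the table and then zeroes the struct leaves the debug loop with nothing to walk instead of reading freed memory. The names encl_model, model_load, model_delete, model_dump and err_path are hypothetical, and the segment values are constructed.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for the selftest's structures (assumption). */
struct seg { unsigned long offset, size; };
struct encl_model { struct seg *segment_tbl; unsigned int nr_segments; };

/* Constructed loader: builds a table of n page-sized segments. */
static int model_load(struct encl_model *e, unsigned int n)
{
	e->segment_tbl = calloc(n, sizeof(*e->segment_tbl));
	if (!e->segment_tbl)
		return 0;
	for (unsigned int i = 0; i < n; i++)
		e->segment_tbl[i] = (struct seg){ i * 0x1000UL, 0x1000 };
	e->nr_segments = n;
	return 1;
}

/* Free the table, then zero the struct, as the thread says encl_delete() does. */
static void model_delete(struct encl_model *e)
{
	free(e->segment_tbl);
	memset(e, 0, sizeof(*e));
}

/* Debug walk over the table; returns how many segments it visited. */
static unsigned int model_dump(const struct encl_model *e)
{
	unsigned int seen = 0;

	for (unsigned int i = 0; i < e->nr_segments; i++)
		seen += e->segment_tbl[i].size != 0; /* a real dump prints here */
	return seen;
}

/* Error path with either ordering; returns the number of segments dumped. */
unsigned int err_path(int delete_first)
{
	struct encl_model e;
	unsigned int seen;

	if (!model_load(&e, 3))
		return 0;
	if (delete_first) {
		model_delete(&e);	/* nr_segments is now 0 */
		return model_dump(&e);	/* loop never runs: no data, no stale read */
	}
	seen = model_dump(&e);		/* dump while the table is still valid */
	model_delete(&e);
	return seen;
}
```

Without the memset() in model_delete(), the delete-first ordering would walk a freed table, which is the case the use-after-free question above is about.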