From 9e456cd7bb6edc3b8efbedcc44b7bd54a08b98d5 Mon Sep 17 00:00:00 2001 From: saturneric Date: Sat, 7 Jun 2025 02:54:08 +0200 Subject: feat(utils): add secure string duplication functions and update memory handling - add SECDUP, USECDUP, QSECDUP macros for secure string duplication - implement QSecStrDup and UnSecStrDup functions - update memory handling to use secure functions where appropriate - improve const correctness in QStrDup parameter - fix memory deallocation in CharArrayToQStringList --- include/GFModuleCommonUtils.hpp | 33 +++++++++++++++++++++++---------- 1 file changed, 23 insertions(+), 10 deletions(-) (limited to 'include/GFModuleCommonUtils.hpp') diff --git a/include/GFModuleCommonUtils.hpp b/include/GFModuleCommonUtils.hpp index 761ef85..b7fa00e 100644 --- a/include/GFModuleCommonUtils.hpp +++ b/include/GFModuleCommonUtils.hpp @@ -40,8 +40,11 @@ #include #define DUP(v) GFModuleStrDup(v) +#define SECDUP(v) GFModuleSecStrDup(v) #define UDUP(v) UnStrDup(v) +#define USECDUP(v) UnSecStrDup(v) #define QDUP(v) QStrDup(v) +#define QSECDUP(v) QSecStrDup(v) #define LISTEN(event) GFModuleListenEvent(GFGetModuleID(), DUP(event)) @@ -131,7 +134,11 @@ inline void MLogError(const QString& s) { GFModuleLogError(s.toUtf8()); } #define FLOG_ERROR(format, ...) \ MLogError(FormatString(QString(format), __VA_ARGS__)) -inline auto QStrDup(QString str) -> char* { return DUP(str.toUtf8()); } +inline auto QStrDup(const QString& str) -> char* { return DUP(str.toUtf8()); } + +inline auto QSecStrDup(const QString& str) -> char* { + return SECDUP(str.toUtf8()); +} inline auto UnStrDup(const char* s) -> QString { auto q_s = QString::fromUtf8(s == nullptr ? "" : s); @@ -139,8 +146,14 @@ inline auto UnStrDup(const char* s) -> QString { return q_s; } -inline auto FormatStringHelper(const QString& format, - const std::string& arg) -> QString { +inline auto UnSecStrDup(const char* s) -> QString { + auto q_s = QString::fromUtf8(s == nullptr ? "" : s); + if (s != nullptr) GFSecFreeMemory(static_cast(const_cast(s))); + return q_s; +} + +inline auto FormatStringHelper(const QString& format, const std::string& arg) + -> QString { return format.arg(QString::fromStdString(arg)); } @@ -212,7 +225,7 @@ inline auto QMapToGFModuleMetaDataList(const QMap& map) QByteArray const value = it.value().toUtf8(); new_node->key = DUP(key); - new_node->value = DUP(value); + new_node->value = SECDUP(value); new_node->next = nullptr; @@ -235,7 +248,7 @@ inline auto ConvertEventParamsToMap(GFModuleEventParam* params) while (current != nullptr) { const auto name = UDUP(current->name); - const auto value = UDUP(current->value); + const auto value = USECDUP(current->value); if (!name.isEmpty()) param_map[name] = value; @@ -257,7 +270,7 @@ inline auto ConvertMapToParams(const QMap& param_map) GFAllocateMemory(sizeof(GFModuleEventParam))); param->name = DUP(key.toUtf8()); - param->value = DUP(value.toUtf8()); + param->value = SECDUP(value.toUtf8()); param->next = nullptr; if (prev == nullptr) { @@ -274,7 +287,7 @@ inline auto ConvertMapToParams(const QMap& param_map) GFAllocateMemory(sizeof(GFModuleEventParam))); param->name = DUP(it->first.toUtf8()); - param->value = DUP(it->second.toUtf8()); + param->value = SECDUP(it->second.toUtf8()); param->next = nullptr; if (prev == nullptr) { @@ -391,13 +404,13 @@ auto SecureCreateQSharedObject(Args&&... args) -> QSharedPointer { } } -inline auto CharArrayToQStringList(char** pl_components, - int size) -> QStringList { +inline auto CharArrayToQStringList(char** pl_components, int size) + -> QStringList { QStringList list; for (int i = 0; i < size; ++i) { list.append(UDUP(pl_components[i])); } - GFFreeMemory(pl_components); + GFFreeMemory(static_cast(pl_components)); return list; } -- cgit v1.2.3