Merge pull request #151 from elichai/2019-08-Cptr-null

Explicit checks for ZST + null fallbacks

Author: apoelstra

src/context.rs

@@ -1,5 +1,5 @@
 use core::marker::PhantomData;
-use ffi;
+use ffi::{self, CPtr};
 use types::{c_uint, c_void};
 use Error;
 use Secp256k1;
@@ -181,7 +181,7 @@ impl<'buf, C: Context + 'buf> Secp256k1<C> {
         Ok(Secp256k1 {
             ctx: unsafe {
                 ffi::secp256k1_context_preallocated_create(
-                    buf.as_mut_ptr() as *mut c_void,
+                    buf.as_mut_c_ptr() as *mut c_void,
                     C::FLAGS)
             },
             phantom: PhantomData,

src/ecdh.rs

@@ -19,7 +19,7 @@
 use core::{ops, ptr};
 
 use key::{SecretKey, PublicKey};
-use ffi;
+use ffi::{self, CPtr};
 
 /// A tag used for recovering the public key from a compact signature
 #[derive(Copy, Clone, PartialEq, Eq, Debug)]
@@ -34,8 +34,8 @@ impl SharedSecret {
             let res = ffi::secp256k1_ecdh(
                 ffi::secp256k1_context_no_precomp,
                 &mut ss,
-                point.as_ptr(),
-                scalar.as_ptr(),
+                point.as_c_ptr(),
+                scalar.as_c_ptr(),
                 ffi::secp256k1_ecdh_hash_function_default,
                 ptr::null_mut(),
             );

src/ffi.rs

@@ -16,7 +16,7 @@
 //! # FFI bindings
 //! Direct bindings to the underlying C library functions. These should
 //! not be needed for most users.
-use core::{mem, hash, slice};
+use core::{mem, hash, slice, ptr};
 use types::*;
 
 /// Flag for context to enable no precomputation
@@ -359,6 +359,38 @@ unsafe fn strlen(mut str_ptr: *const c_char) -> usize {
 }
 
 
+/// A trait for producing pointers that will always be valid in C. (assuming NULL pointer is a valid no-op)
+/// Rust doesn't promise what pointers does it give to ZST (https://doc.rust-lang.org/nomicon/exotic-sizes.html#zero-sized-types-zsts)
+/// In case the type is empty this trait will give a NULL pointer, which should be handled in C.
+/// 
+pub(crate) trait CPtr {
+    type Target;
+    fn as_c_ptr(&self) -> *const Self::Target;
+    fn as_mut_c_ptr(&mut self) -> *mut Self::Target;
+}
+
+impl<T> CPtr for [T] {
+    type Target = T;
+    fn as_c_ptr(&self) -> *const Self::Target {
+        if self.is_empty() {
+            ptr::null()
+        } else {
+            self.as_ptr()
+        }
+    }
+
+    fn as_mut_c_ptr(&mut self) -> *mut Self::Target {
+        if self.is_empty() {
+            ptr::null::<Self::Target>() as *mut _
+        } else {
+            self.as_mut_ptr()
+        }
+    }
+}
+
+
+
+
 #[cfg(feature = "fuzztarget")]
 mod fuzz_dummy {
     extern crate std;

src/key.rs

@@ -24,7 +24,7 @@ use super::Error::{self, InvalidPublicKey, InvalidSecretKey};
 use Signing;
 use Verification;
 use constants;
-use ffi;
+use ffi::{self, CPtr};
 
 /// Secret 256-bit key used as `x` in an ECDSA signature
 pub struct SecretKey([u8; constants::SECRET_KEY_SIZE]);
@@ -117,7 +117,7 @@ impl SecretKey {
         unsafe {
             while ffi::secp256k1_ec_seckey_verify(
                 ffi::secp256k1_context_no_precomp,
-                data.as_ptr(),
+                data.as_c_ptr(),
             ) == 0
             {
                 data = random_32_bytes(rng);
@@ -135,7 +135,7 @@ impl SecretKey {
                 unsafe {
                     if ffi::secp256k1_ec_seckey_verify(
                         ffi::secp256k1_context_no_precomp,
-                        data.as_ptr(),
+                        data.as_c_ptr(),
                     ) == 0
                     {
                         return Err(InvalidSecretKey);
@@ -162,8 +162,8 @@ impl SecretKey {
         unsafe {
             if ffi::secp256k1_ec_privkey_tweak_add(
                 ffi::secp256k1_context_no_precomp,
-                self.as_mut_ptr(),
-                other.as_ptr(),
+                self.as_mut_c_ptr(),
+                other.as_c_ptr(),
             ) != 1
             {
                 Err(Error::InvalidTweak)
@@ -187,8 +187,8 @@ impl SecretKey {
         unsafe {
             if ffi::secp256k1_ec_privkey_tweak_mul(
                 ffi::secp256k1_context_no_precomp,
-                self.as_mut_ptr(),
-                other.as_ptr(),
+                self.as_mut_c_ptr(),
+                other.as_c_ptr(),
             ) != 1
             {
                 Err(Error::InvalidTweak)
@@ -223,7 +223,7 @@ impl PublicKey {
         unsafe {
             // We can assume the return value because it's not possible to construct
             // an invalid `SecretKey` without transmute trickery or something
-            let res = ffi::secp256k1_ec_pubkey_create(secp.ctx, &mut pk, sk.as_ptr());
+            let res = ffi::secp256k1_ec_pubkey_create(secp.ctx, &mut pk, sk.as_c_ptr());
             debug_assert_eq!(res, 1);
         }
         PublicKey(pk)
@@ -232,12 +232,14 @@ impl PublicKey {
     /// Creates a public key directly from a slice
     #[inline]
     pub fn from_slice(data: &[u8]) -> Result<PublicKey, Error> {
+        if data.is_empty() {return Err(Error::InvalidPublicKey);}
+
         let mut pk = ffi::PublicKey::new();
         unsafe {
             if ffi::secp256k1_ec_pubkey_parse(
                 ffi::secp256k1_context_no_precomp,
                 &mut pk,
-                data.as_ptr(),
+                data.as_c_ptr(),
                 data.len() as usize,
             ) == 1
             {
@@ -259,9 +261,9 @@ impl PublicKey {
             let mut ret_len = constants::PUBLIC_KEY_SIZE as usize;
             let err = ffi::secp256k1_ec_pubkey_serialize(
                 ffi::secp256k1_context_no_precomp,
-                ret.as_mut_ptr(),
+                ret.as_mut_c_ptr(),
                 &mut ret_len,
-                self.as_ptr(),
+                self.as_c_ptr(),
                 ffi::SECP256K1_SER_COMPRESSED,
             );
             debug_assert_eq!(err, 1);
@@ -278,9 +280,9 @@ impl PublicKey {
             let mut ret_len = constants::UNCOMPRESSED_PUBLIC_KEY_SIZE as usize;
             let err = ffi::secp256k1_ec_pubkey_serialize(
                 ffi::secp256k1_context_no_precomp,
-                ret.as_mut_ptr(),
+                ret.as_mut_c_ptr(),
                 &mut ret_len,
-                self.as_ptr(),
+                self.as_c_ptr(),
                 ffi::SECP256K1_SER_UNCOMPRESSED,
             );
             debug_assert_eq!(err, 1);
@@ -303,7 +305,7 @@ impl PublicKey {
         }
         unsafe {
             if ffi::secp256k1_ec_pubkey_tweak_add(secp.ctx, &mut self.0 as *mut _,
-                                                  other.as_ptr()) == 1 {
+                                                  other.as_c_ptr()) == 1 {
                 Ok(())
             } else {
                 Err(Error::InvalidTweak)
@@ -325,7 +327,7 @@ impl PublicKey {
         }
         unsafe {
             if ffi::secp256k1_ec_pubkey_tweak_mul(secp.ctx, &mut self.0 as *mut _,
-                                                  other.as_ptr()) == 1 {
+                                                  other.as_c_ptr()) == 1 {
                 Ok(())
             } else {
                 Err(Error::InvalidTweak)
@@ -339,11 +341,11 @@ impl PublicKey {
     pub fn combine(&self, other: &PublicKey) -> Result<PublicKey, Error> {
         unsafe {
             let mut ret = ffi::PublicKey::new();
-            let ptrs = [self.as_ptr(), other.as_ptr()];
+            let ptrs = [self.as_c_ptr(), other.as_c_ptr()];
             if ffi::secp256k1_ec_pubkey_combine(
                 ffi::secp256k1_context_no_precomp,
                 &mut ret,
-                ptrs.as_ptr(),
+                ptrs.as_c_ptr(),
                 2
             ) == 1
             {
@@ -355,6 +357,18 @@ impl PublicKey {
     }
 }
 
+impl CPtr for PublicKey {
+    type Target = ffi::PublicKey;
+    fn as_c_ptr(&self) -> *const Self::Target {
+        self.as_ptr()
+    }
+
+    fn as_mut_c_ptr(&mut self) -> *mut Self::Target {
+        self.as_mut_ptr()
+    }
+}
+
+
 /// Creates a new public key from a FFI public key
 impl From<ffi::PublicKey> for PublicKey {
     #[inline]
@@ -562,6 +576,36 @@ mod test {
             PublicKey::from_slice(&[0x55; constants::PUBLIC_KEY_SIZE]),
             Err(InvalidPublicKey)
         );
+        assert_eq!(
+            PublicKey::from_slice(&[]),
+            Err(InvalidPublicKey)
+        );
+    }
+
+    #[test]
+    fn test_seckey_from_bad_slice() {
+        // Bad sizes
+        assert_eq!(
+            SecretKey::from_slice(&[0; constants::SECRET_KEY_SIZE - 1]),
+            Err(InvalidSecretKey)
+        );
+        assert_eq!(
+            SecretKey::from_slice(&[0; constants::SECRET_KEY_SIZE + 1]),
+            Err(InvalidSecretKey)
+        );
+        // Bad parse
+        assert_eq!(
+            SecretKey::from_slice(&[0xff; constants::SECRET_KEY_SIZE]),
+            Err(InvalidSecretKey)
+        );
+        assert_eq!(
+            SecretKey::from_slice(&[0x00; constants::SECRET_KEY_SIZE]),
+            Err(InvalidSecretKey)
+        );
+        assert_eq!(
+            SecretKey::from_slice(&[]),
+            Err(InvalidSecretKey)
+        );
     }
 
     #[test]

src/lib.rs

@@ -161,6 +161,7 @@ pub use key::PublicKey;
 pub use context::*;
 use core::marker::PhantomData;
 use core::ops::Deref;
+use ffi::CPtr;
 
 /// An ECDSA signature
 #[derive(Copy, Clone, PartialEq, Eq)]
@@ -246,13 +247,15 @@ impl Signature {
 #[inline]
     /// Converts a DER-encoded byte slice to a signature
     pub fn from_der(data: &[u8]) -> Result<Signature, Error> {
+        if data.is_empty() {return Err(Error::InvalidSignature);}
+
         let mut ret = ffi::Signature::new();
 
         unsafe {
             if ffi::secp256k1_ecdsa_signature_parse_der(
                 ffi::secp256k1_context_no_precomp,
                 &mut ret,
-                data.as_ptr(),
+                data.as_c_ptr(),
                 data.len() as usize,
             ) == 1
             {
@@ -274,7 +277,7 @@ impl Signature {
             if ffi::secp256k1_ecdsa_signature_parse_compact(
                 ffi::secp256k1_context_no_precomp,
                 &mut ret,
-                data.as_ptr(),
+                data.as_c_ptr(),
             ) == 1
             {
                 Ok(Signature(ret))
@@ -289,12 +292,14 @@ impl Signature {
     /// 2016. It should never be used in new applications. This library does not
     /// support serializing to this "format"
     pub fn from_der_lax(data: &[u8]) -> Result<Signature, Error> {
+        if data.is_empty() {return Err(Error::InvalidSignature);}
+
         unsafe {
             let mut ret = ffi::Signature::new();
             if ffi::ecdsa_signature_parse_der_lax(
                 ffi::secp256k1_context_no_precomp,
                 &mut ret,
-                data.as_ptr(),
+                data.as_c_ptr(),
                 data.len() as usize,
             ) == 1
             {
@@ -328,8 +333,8 @@ impl Signature {
             // was already normalized. We don't care.
             ffi::secp256k1_ecdsa_signature_normalize(
                 ffi::secp256k1_context_no_precomp,
-                self.as_mut_ptr(),
-                self.as_ptr(),
+                self.as_mut_c_ptr(),
+                self.as_c_ptr(),
             );
         }
     }
@@ -356,7 +361,7 @@ impl Signature {
                 ffi::secp256k1_context_no_precomp,
                 ret.get_data_mut_ptr(),
                 &mut len,
-                self.as_ptr(),
+                self.as_c_ptr(),
             );
             debug_assert!(err == 1);
             ret.set_len(len);
@@ -371,15 +376,26 @@ impl Signature {
         unsafe {
             let err = ffi::secp256k1_ecdsa_signature_serialize_compact(
                 ffi::secp256k1_context_no_precomp,
-                ret.as_mut_ptr(),
-                self.as_ptr(),
+                ret.as_mut_c_ptr(),
+                self.as_c_ptr(),
             );
             debug_assert!(err == 1);
         }
         ret
     }
 }
 
+impl CPtr for Signature {
+    type Target = ffi::Signature;
+    fn as_c_ptr(&self) -> *const Self::Target {
+        self.as_ptr()
+    }
+
+    fn as_mut_c_ptr(&mut self) -> *mut Self::Target {
+        self.as_mut_ptr()
+    }
+}
+
 /// Creates a new signature from a FFI signature
 impl From<ffi::Signature> for Signature {
     #[inline]
@@ -583,7 +599,7 @@ impl<C: Context> Secp256k1<C> {
         let mut seed = [0; 32];
         rng.fill_bytes(&mut seed);
         unsafe {
-            let err = ffi::secp256k1_context_randomize(self.ctx, seed.as_ptr());
+            let err = ffi::secp256k1_context_randomize(self.ctx, seed.as_c_ptr());
             // This function cannot fail; it has an error return for future-proofing.
             // We do not expose this error since it is impossible to hit, and we have
             // precedent for not exposing impossible errors (for example in
@@ -609,8 +625,8 @@ impl<C: Signing> Secp256k1<C> {
         unsafe {
             // We can assume the return value because it's not possible to construct
             // an invalid signature from a valid `Message` and `SecretKey`
-            assert_eq!(ffi::secp256k1_ecdsa_sign(self.ctx, &mut ret, msg.as_ptr(),
-                                                 sk.as_ptr(), ffi::secp256k1_nonce_function_rfc6979,
+            assert_eq!(ffi::secp256k1_ecdsa_sign(self.ctx, &mut ret, msg.as_c_ptr(),
+                                                 sk.as_c_ptr(), ffi::secp256k1_nonce_function_rfc6979,
                                                  ptr::null()), 1);
         }
 
@@ -640,7 +656,7 @@ impl<C: Verification> Secp256k1<C> {
     #[inline]
     pub fn verify(&self, msg: &Message, sig: &Signature, pk: &key::PublicKey) -> Result<(), Error> {
         unsafe {
-            if ffi::secp256k1_ecdsa_verify(self.ctx, sig.as_ptr(), msg.as_ptr(), pk.as_ptr()) == 0 {
+            if ffi::secp256k1_ecdsa_verify(self.ctx, sig.as_c_ptr(), msg.as_c_ptr(), pk.as_c_ptr()) == 0 {
                 Err(Error::IncorrectSignature)
             } else {
                 Ok(())