Skip to content

Commit 4b00da2

Browse files
cconloncconlon
committed
JNI: fix Facebook Infer script exit code, and reported thread safety violations / potential deadlock issues
1 parent d5c181e commit 4b00da2

4 files changed

Lines changed: 170 additions & 113 deletions

File tree

scripts/infer.sh

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,7 @@ infer --fail-on-issue run -- javac \
3939
src/java/com/wolfssl/WolfSSLCertRequest.java \
4040
src/java/com/wolfssl/WolfSSLCertificate.java \
4141
src/java/com/wolfssl/WolfSSLContext.java \
42+
src/java/com/wolfssl/WolfSSLDebug.java \
4243
src/java/com/wolfssl/WolfSSLDecryptVerifyCallback.java \
4344
src/java/com/wolfssl/WolfSSLEccSharedSecretCallback.java \
4445
src/java/com/wolfssl/WolfSSLEccSignCallback.java \
@@ -52,6 +53,7 @@ infer --fail-on-issue run -- javac \
5253
src/java/com/wolfssl/WolfSSLLoggingCallback.java \
5354
src/java/com/wolfssl/WolfSSLMacEncryptCallback.java \
5455
src/java/com/wolfssl/WolfSSLMissingCRLCallback.java \
56+
src/java/com/wolfssl/WolfSSLNativeLoggingCallback.java \
5557
src/java/com/wolfssl/WolfSSLPskClientCallback.java \
5658
src/java/com/wolfssl/WolfSSLPskServerCallback.java \
5759
src/java/com/wolfssl/WolfSSLRsaDecCallback.java \
@@ -69,15 +71,13 @@ infer --fail-on-issue run -- javac \
6971
src/java/com/wolfssl/provider/jsse/WolfSSLAuthStore.java \
7072
src/java/com/wolfssl/provider/jsse/WolfSSLContext.java \
7173
src/java/com/wolfssl/provider/jsse/WolfSSLCustomUser.java \
72-
src/java/com/wolfssl/provider/jsse/WolfSSLDebug.java \
7374
src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java \
7475
src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java \
7576
src/java/com/wolfssl/provider/jsse/WolfSSLGenericHostName.java \
7677
src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java \
7778
src/java/com/wolfssl/provider/jsse/WolfSSLInternalVerifyCb.java \
7879
src/java/com/wolfssl/provider/jsse/WolfSSLKeyManager.java \
7980
src/java/com/wolfssl/provider/jsse/WolfSSLKeyX509.java \
80-
src/java/com/wolfssl/provider/jsse/WolfSSLNativeLoggingCallback.java \
8181
src/java/com/wolfssl/provider/jsse/WolfSSLParametersHelper.java \
8282
src/java/com/wolfssl/provider/jsse/WolfSSLParameters.java \
8383
src/java/com/wolfssl/provider/jsse/WolfSSLProvider.java \
@@ -104,8 +104,10 @@ if [ "$RETVAL" == '0' ] && [ "$KEEP" == 'no' ]; then
104104
rm -r ./infer-out
105105
fi
106106

107-
if [ "$RETVAL" == '2' ]; then
107+
if [ "$RETVAL" == '1' ] || [ "$RETVAL" == '2' ]; then
108108
# GitHub Actions expects return of 1 to mark step as failure
109109
exit 1
110110
fi
111111

112+
exit 0
113+

src/java/com/wolfssl/WolfSSLCertRequest.java

Lines changed: 51 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -172,9 +172,11 @@ public void addAttribute(int nid, byte[] value)
172172

173173
confirmObjectIsActive();
174174

175-
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
176-
WolfSSLDebug.INFO, this.x509ReqPtr,
177-
"entered addAttribute(nid: " + nid + ", byte[])");
175+
synchronized (x509ReqLock) {
176+
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
177+
WolfSSLDebug.INFO, this.x509ReqPtr,
178+
"entered addAttribute(nid: " + nid + ", byte[])");
179+
}
178180

179181
if (nid != WolfSSL.NID_pkcs9_challengePassword &&
180182
nid != WolfSSL.NID_serialNumber &&
@@ -262,9 +264,11 @@ public void setPublicKey(String filePath, int keyType, int format)
262264

263265
confirmObjectIsActive();
264266

265-
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
266-
WolfSSLDebug.INFO, this.x509ReqPtr, "entered setPublicKey(" +
267-
filePath + ", type: " + keyType + ", format: " + format + ")");
267+
synchronized (x509ReqLock) {
268+
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
269+
WolfSSLDebug.INFO, this.x509ReqPtr, "entered setPublicKey(" +
270+
filePath + ", type: " + keyType + ", format: " + format + ")");
271+
}
268272

269273
if (filePath == null || filePath.isEmpty()) {
270274
throw new WolfSSLException("File path is null or empty");
@@ -309,10 +313,12 @@ public void setPublicKey(byte[] key, int keyType, int format)
309313

310314
confirmObjectIsActive();
311315

312-
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
313-
WolfSSLDebug.INFO, this.x509ReqPtr,
314-
"entered setPublicKey(byte[], type: " + keyType + ", format: " +
315-
format + ")");
316+
synchronized (x509ReqLock) {
317+
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
318+
WolfSSLDebug.INFO, this.x509ReqPtr,
319+
"entered setPublicKey(byte[], type: " + keyType + ", format: " +
320+
format + ")");
321+
}
316322

317323
if (key == null || key.length == 0) {
318324
throw new WolfSSLException("Key array is null or empty");
@@ -366,9 +372,11 @@ public void setPublicKey(PublicKey key)
366372

367373
confirmObjectIsActive();
368374

369-
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
370-
WolfSSLDebug.INFO, this.x509ReqPtr,
371-
"entered setPublicKey(" + key + ")");
375+
synchronized (x509ReqLock) {
376+
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
377+
WolfSSLDebug.INFO, this.x509ReqPtr,
378+
"entered setPublicKey(" + key + ")");
379+
}
372380

373381
if (key instanceof RSAPublicKey) {
374382
keyType = WolfSSL.RSAk;
@@ -442,9 +450,12 @@ public void addExtension(int nid, String value, boolean isCritical)
442450

443451
confirmObjectIsActive();
444452

445-
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
446-
WolfSSLDebug.INFO, this.x509ReqPtr, "entered addExtension(nid: " +
447-
nid + ", value: " + value + ", isCritical: " + isCritical + ")");
453+
synchronized (x509ReqLock) {
454+
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
455+
WolfSSLDebug.INFO, this.x509ReqPtr,
456+
"entered addExtension(nid: " + nid + ", value: " + value +
457+
", isCritical: " + isCritical + ")");
458+
}
448459

449460
if (nid != WolfSSL.NID_key_usage &&
450461
nid != WolfSSL.NID_subject_alt_name &&
@@ -502,9 +513,12 @@ public void addExtension(int nid, boolean value, boolean isCritical)
502513

503514
confirmObjectIsActive();
504515

505-
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
506-
WolfSSLDebug.INFO, this.x509ReqPtr, "entered addExtension(nid: " +
507-
nid + ", value: " + value + ", isCritical: " + isCritical + ")");
516+
synchronized (x509ReqLock) {
517+
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
518+
WolfSSLDebug.INFO, this.x509ReqPtr,
519+
"entered addExtension(nid: " + nid + ", value: " + value +
520+
", isCritical: " + isCritical + ")");
521+
}
508522

509523
if (nid != WolfSSL.NID_basic_constraints) {
510524
throw new WolfSSLException(
@@ -553,10 +567,12 @@ public void signRequest(String filePath, int keyType, int format,
553567

554568
confirmObjectIsActive();
555569

556-
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
557-
WolfSSLDebug.INFO, this.x509ReqPtr, "entered signRequest(" +
558-
filePath + ", keyType: " + keyType + ", format: " + format +
559-
", digestAlg: " + digestAlg + ")");
570+
synchronized (x509ReqLock) {
571+
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
572+
WolfSSLDebug.INFO, this.x509ReqPtr, "entered signRequest(" +
573+
filePath + ", keyType: " + keyType + ", format: " + format +
574+
", digestAlg: " + digestAlg + ")");
575+
}
560576

561577
if (filePath == null || filePath.isEmpty()) {
562578
throw new WolfSSLException("File path is null or empty");
@@ -604,10 +620,12 @@ public void signRequest(byte[] key, int keyType, int format,
604620

605621
confirmObjectIsActive();
606622

607-
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
608-
WolfSSLDebug.INFO, this.x509ReqPtr,
609-
"entered signRequest(byte[], keyType: " + keyType + ", format: " +
610-
format + ", digestAlg: " + digestAlg + ")");
623+
synchronized (x509ReqLock) {
624+
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
625+
WolfSSLDebug.INFO, this.x509ReqPtr,
626+
"entered signRequest(byte[], keyType: " + keyType +
627+
", format: " + format + ", digestAlg: " + digestAlg + ")");
628+
}
611629

612630
if (key == null || key.length == 0) {
613631
throw new WolfSSLException("Key array is null or empty");
@@ -665,9 +683,12 @@ public void signRequest(PrivateKey key, String digestAlg)
665683

666684
confirmObjectIsActive();
667685

668-
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
669-
WolfSSLDebug.INFO, this.x509ReqPtr, "entered signRequest(key: " +
670-
key + ", digestAlg: " + digestAlg + ")");
686+
synchronized (x509ReqLock) {
687+
WolfSSLDebug.log(getClass(), WolfSSLDebug.Component.JNI,
688+
WolfSSLDebug.INFO, this.x509ReqPtr,
689+
"entered signRequest(key: " + key + ", digestAlg: " +
690+
digestAlg + ")");
691+
}
671692

672693
if (key == null) {
673694
throw new WolfSSLException("Key object is null");

0 commit comments

Comments
 (0)