logo标签列表

Firebird数据库UDF加密/解密未释放内存

c++sqluser-defined-functionsfirebirdfirebird-3.0
3

我正在测试Firebird 3数据库中的UDF外部函数,我制作了一个C++ DLL,它使用给定的密钥对给定字符串执行简单的异或操作。

这是代码:

#include <windows.h>
#include <iostream>
#include <string>
#include <stdio.h>
#include <vector>
#include <math.h>

#include "../FirebirdLib/src/include/ibase.h"
#include "ib_util.h"


using namespace std;

//------------------------------------------------------------------------------------
typedef void (__stdcall * FCallback)(const char * message);
FCallback g_messageCallback = 0;
FCallback g_errorCallback = 0;
//------------------------------------------------------------------------------------
#define ON_MESSAGE(mess) { if(g_messageCallback) g_messageCallback(mess); }
#define ON_ERROR(mess) { if(g_errorCallback) g_errorCallback(mess); }
//------------------------------------------------------------------------------------
extern "C" __declspec(dllexport) void RegisterCallbacks(FCallback messageCallback, FCallback errorCallback)
{
    g_messageCallback = messageCallback;
    g_errorCallback = errorCallback;
}
//------------------------------------------------------------------------------------
class EncryptionUDF
{
public:
    EncryptionUDF()
    {

        //ON_MESSAGE("--EncryptionUDF created--")
    }
    ~EncryptionUDF()
    {
        //ON_MESSAGE("--EncryptionUDF destroyed--")
    }

    char* XORCipher(const char* data, const char* key, int dataLen, int keyLen) {
        char* output = (char*)ib_util_malloc(2000 + 1L);
        output[dataLen] = '\0';
        for (int i = 0; i < dataLen; ++i) {
            if (data[i] != key[i % keyLen])
                output[i] = data[i] ^ key[i % keyLen];
            else 
                output[i] = data[i];
        }       

        return output;
    }

    char * Encrypt(const char * str, const char * key) {
        int dataLen = strlen(str);
        int keyLen = strlen(key);
        char* output = (char*)ib_util_malloc(2000 + 1L);
        output[dataLen] = '\0';

        try {
            if ((str == NULL) || (str[0] == '\0')) {
                return NULL;
            }
            else {
                try {
                    if ((key != NULL) && (key[0] == '\0')) {
                        strncpy(output, str, dataLen);
                    }
                    else if (key != NULL) {
                        output = XORCipher(str, key, dataLen, keyLen);
                    }
                    else strncpy(output, str, dataLen);
                }
                catch (...) { strncpy(output, str, dataLen); }

                return output;
            }
        }
        catch (...) { strncpy(output, str, dataLen); }

        return output;
    }

    char * Decrypt(const char * str, const char * key) {
        int dataLen = strlen(str);
        int keyLen = strlen(key);
        char* output = (char*)ib_util_malloc(2000 + 1L);
        output[dataLen] = '\0';

        try {
            if ((str == NULL) || (str[0] == '\0')) {
                return NULL;
            }
            else {
                try {
                    if ((key != NULL) && (key[0] == '\0')) {
                        strncpy(output, str, dataLen);
                    }
                    else if (key != NULL) {
                        output = XORCipher(str, key, dataLen, keyLen);
                    }
                    else strncpy(output, str, dataLen);
                }
                catch (...) { strncpy(output, str, dataLen); }

                return output;
            }
        }
        catch (...) { strncpy(output, str, dataLen); }

        return output;
    }
};
//------------------------------------------------------------------------------------
extern "C" __declspec(dllexport) char * EncryptUDF_DesEncrypt(const char *str, const char *key)
{
    try
    {
        EncryptionUDF self = EncryptionUDF();
        return self.Encrypt(str, key);
    }
    catch (std::exception & ex)
    {
        ON_ERROR(ex.what());
    }
    catch (...)
    {
        ON_ERROR("Unknown error");
    }
    return 0;
}
//------------------------------------------------------------------------------------
extern "C" __declspec(dllexport) char * EncryptUDF_DesDecrypt(const char *str, const char *key)
{
    try
    {
        EncryptionUDF self = EncryptionUDF();
        return self.Decrypt(str, key);
    }
    catch (std::exception & ex)
    {
        ON_ERROR(ex.what());
    }
    catch (...)
    {
        ON_ERROR("Unknown error");
    }
    return 0;
}
//------------------------------------------------------------------------------------
BOOL APIENTRY DllMain( HMODULE hModule,
                      DWORD  ul_reason_for_call,
                      LPVOID lpReserved
                      )
{
    return TRUE;
}
//------------------------------------------------------------------------------------

UDF在数据库中定义为:

DECLARE EXTERNAL FUNCTION X_DECRYPT
  CSTRING(2000),
  CSTRING(64)
RETURNS CSTRING(2000) FREE_IT
ENTRY_POINT 'EncryptUDF_DesDecrypt' MODULE_NAME 'EncryptUDF';

DECLARE EXTERNAL FUNCTION X_ENCRYPT
  CSTRING(2000),
  CSTRING(64)
RETURNS CSTRING(2000) FREE_IT
ENTRY_POINT 'EncryptUDF_DesEncrypt' MODULE_NAME 'EncryptUDF';

在使用这个UDF进行SQL select命令时,Firebird服务器使用的RAM往往会持续增加。在使用嵌入式模式时,RAM迅速上升,在服务器模式下,RAM增长缓慢但更受控制。

请帮忙理解错误出在哪里。

1个回答
2

经过一些调查,我决定更改代码中使用的字符串复制部分:

strncpy(output, str, dataLen);

使用:

strncpy_s(output, dataLen, str, dataLen);

在这次更改之后,无论是在嵌入式firebird还是服务器模式下,内存都已经恢复到正常水平。

似乎在释放或管理这些字符串副本时存在内存泄漏问题。

网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接