tari-project / tari

The Tari protocol
https://tari.com
BSD 3-Clause "New" or "Revised" License

Wallet FFI panics if invalid non-null pointers are passed in. #6645

Open hansieodendaal opened 1 month ago

hansieodendaal commented 1 month ago

Describe the bug
Wallet FFI panics if invalid non-null pointers are passed in.

As an example of this when calling

pub unsafe extern "C" fn scrape_wallet(
    wallet: *mut TariWallet,
    destination: *mut TariWalletAddress,
    fee_per_gram: c_ulonglong,
    error_out: *mut c_int,
)

with a valid TariWallet pointer for destination instead of a valid TariWalletAddress pointer, the FFI code panics with

thread 'tokio-runtime-worker' panicked at /Users/runner/.cargo/registry/src/index.crates.io-6f17d22bba15001f/curve25519-dalek-4.1.3/src/backend/serial/u64/field.rs:138:21:
attempt to multiply with overflow
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

If the function is called with a valid TariWalletAddress pointer for wallet instead of a valid TariWallet pointer, the FFI code panics with

Thread 1: EXC_BAD_ACCESS (code=1, address=0x32778af620643)

To Reproduce
Steps to reproduce the behavior: As described above.

Expected behavior
Checks should be built into all FFI interface functions to determine the validity of the object pointers.

Screenshots
n/a

Additional context
This is a development issue, but could easily be targeted by evil geniuses.
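One way to get the validity checks the report asks for, as an added example that is not Tari's code: keep a registry of live handles per exported type, and have every FFI entry point look the incoming pointer up in that registry before dereferencing it. The lookup compares the pointer value only, so a wallet handle passed in the address slot (or a null, or an already-freed handle) is reported through `error_out` instead of being read as the wrong type. `Wallet`, `WalletAddress`, `scrape_wallet_checked` and the error codes below are hypothetical stand-ins for the real `TariWallet`, `TariWalletAddress` and `scrape_wallet`; the registry design is one possible approach and assumes all handles are created and destroyed through the library's own functions.

```rust
use std::marker::PhantomData;
use std::os::raw::c_int;
use std::sync::Mutex;

// Error codes surfaced through `error_out` (constructed for this example).
pub const OK: c_int = 0;
pub const ERR_NULL_POINTER: c_int = 1;
pub const ERR_INVALID_HANDLE: c_int = 2;

// Hypothetical stand-ins for the FFI-exposed object types.
pub struct Wallet {
    pub balance: u64,
}
pub struct WalletAddress {
    pub bytes: [u8; 32],
}

/// Per-type set of live handle addresses. Membership is decided on the
/// pointer *value*, so a check never reads through an untrusted pointer.
pub struct Registry<T> {
    live: Mutex<Vec<usize>>,
    _marker: PhantomData<fn() -> T>,
}

impl<T> Registry<T> {
    pub const fn new() -> Self {
        Registry { live: Mutex::new(Vec::new()), _marker: PhantomData }
    }

    /// Box the object, record its address as live, and hand out the raw pointer.
    pub fn create(&self, value: T) -> *mut T {
        let ptr = Box::into_raw(Box::new(value));
        self.live.lock().unwrap().push(ptr as usize);
        ptr
    }

    /// Validate a handle: non-null and currently registered for this type.
    pub fn check(&self, ptr: *const T) -> Result<(), c_int> {
        if ptr.is_null() {
            return Err(ERR_NULL_POINTER);
        }
        if self.live.lock().unwrap().contains(&(ptr as usize)) {
            Ok(())
        } else {
            Err(ERR_INVALID_HANDLE)
        }
    }

    /// Unregister and free. A second destroy of the same handle is rejected
    /// by `check` instead of becoming a double free.
    pub fn destroy(&self, ptr: *mut T) -> Result<(), c_int> {
        self.check(ptr)?;
        self.live.lock().unwrap().retain(|&p| p != ptr as usize);
        unsafe { drop(Box::from_raw(ptr)) };
        Ok(())
    }
}

static WALLETS: Registry<Wallet> = Registry::new();
static ADDRESSES: Registry<WalletAddress> = Registry::new();

pub unsafe extern "C" fn wallet_create(balance: u64) -> *mut Wallet {
    WALLETS.create(Wallet { balance })
}

pub unsafe extern "C" fn address_create(fill: u8) -> *mut WalletAddress {
    ADDRESSES.create(WalletAddress { bytes: [fill; 32] })
}

/// Hypothetical checked variant of `scrape_wallet`: both handles are looked up
/// in their registries before either is dereferenced. Returns the amount moved.
pub unsafe extern "C" fn scrape_wallet_checked(
    wallet: *mut Wallet,
    destination: *mut WalletAddress,
    fee_per_gram: u64,
    error_out: *mut c_int,
) -> u64 {
    if error_out.is_null() {
        return 0; // nowhere to report an error; refuse to proceed
    }
    if let Err(code) = WALLETS.check(wallet) {
        unsafe { *error_out = code };
        return 0;
    }
    if let Err(code) = ADDRESSES.check(destination) {
        unsafe { *error_out = code };
        return 0;
    }
    // Only now is it sound to treat the pointers as the types they claim to be.
    let w = unsafe { &mut *wallet };
    let _dest = unsafe { &*destination };
    let amount = w.balance.saturating_sub(fee_per_gram);
    w.balance = 0;
    unsafe { *error_out = OK };
    amount
}
```

With the wallet pointer passed as `destination`, `ADDRESSES.check` fails with `ERR_INVALID_HANDLE` and the function returns before any field of the wrong type is read, which is exactly the overflow-panic path from the report. The registry does not help if a caller hands in a pointer it obtained outside the library, since such a handle was never registered; that is the intended outcome, as those handles are rejected too.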