crypto: enable move construct/assign for OpenSSLDigest

copy and move operations were not deleted, so the compiler-generated
move operations were implemented as copies. the destructor of the
copied-from instance would destroy the handles that were still in use
by the copied-to instance, resulting in use-after-free or double-free

to prevent this, add noexcept move operations that leave the moved-from
instance empty. this also prevents the compiler from generating the
problematic copy operations

Signed-off-by: Casey Bodley <cbodley@redhat.com>

diff --git a/src/common/ceph_crypto.cc b/src/common/ceph_crypto.cc
index 18e655b937ac16492d418185ceb37bf593c4a762..a9d349731ec2c65e18c0ed411015b32b3728e04f 100644 (file)
--- a/src/common/ceph_crypto.cc
+++ b/src/common/ceph_crypto.cc
@@ -13,6 +13,7 @@
  */
 
 #include <vector>
+#include <utility>
 
 #include "common/ceph_context.h"
 #include "common/ceph_mutex.h"
@@ -203,6 +204,21 @@ ssl::OpenSSLDigest::~OpenSSLDigest() {
   }
 }
 
+ssl::OpenSSLDigest::OpenSSLDigest(OpenSSLDigest&& o) noexcept
+  : mpContext(std::exchange(o.mpContext, nullptr)),
+    mpType(std::exchange(o.mpType, nullptr)),
+    mpType_FIPS(std::exchange(o.mpType_FIPS, nullptr))
+{
+}
+
+ssl::OpenSSLDigest& ssl::OpenSSLDigest::operator=(OpenSSLDigest&& o) noexcept
+{
+  std::swap(mpContext, o.mpContext);
+  std::swap(mpType, o.mpType);
+  std::swap(mpType_FIPS, o.mpType_FIPS);
+  return *this;
+}
+
 void ssl::OpenSSLDigest::Restart() {
   if (mpType_FIPS) {
     EVP_DigestInit_ex(mpContext, mpType_FIPS, NULL);

diff --git a/src/common/ceph_crypto.h b/src/common/ceph_crypto.h
index bcdc0044cbd59685c595b1a7e58e9629af2e862d..5beda7a12522981bfd6424065ae2cef0ebb74140 100644 (file)
--- a/src/common/ceph_crypto.h
+++ b/src/common/ceph_crypto.h
@@ -58,6 +58,8 @@ namespace TOPNSPC::crypto {
       public:
        OpenSSLDigest (const EVP_MD *_type);
        ~OpenSSLDigest ();
+       OpenSSLDigest(OpenSSLDigest&& o) noexcept;
+       OpenSSLDigest& operator=(OpenSSLDigest&& o) noexcept;
        void Restart();
        void SetFlags(int flags);
        void Update (const unsigned char *input, size_t length);