From: Ilya Dryomov <idryomov@gmail.com>
Date: Fri, 3 Apr 2020 13:43:10 +0000 (+0200)
Subject: msg/async/crypto_onwire: add asserts for reset_tx_handler() reservation
X-Git-Tag: v16.1.0~2001^2~17
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=4894e591200c2234dff7241de95997981ad90972;p=ceph.git

msg/async/crypto_onwire: add asserts for reset_tx_handler() reservation

Add asserts to avoid bugs like the one fixed in 1a975fb3a801
("msg/async: fix unnecessary 4 kB allocation in secure mode.").

Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
---

diff --git a/src/msg/async/crypto_onwire.cc b/src/msg/async/crypto_onwire.cc
index 596e578488cd..102c8a14e0cd 100644
--- a/src/msg/async/crypto_onwire.cc
+++ b/src/msg/async/crypto_onwire.cc
@@ -95,6 +95,7 @@ void AES128GCM_OnWireTxHandler::reset_tx_handler(const uint32_t* first,
     throw std::runtime_error("EVP_EncryptInit_ex failed");
   }
 
+  ceph_assert(buffer.get_append_buffer_unused_tail_length() == 0);
   buffer.reserve(std::accumulate(first, last, AESGCM_TAG_LEN));
 
   nonce.random_seq = nonce.random_seq + 1;
@@ -103,6 +104,8 @@ void AES128GCM_OnWireTxHandler::reset_tx_handler(const uint32_t* first,
 void AES128GCM_OnWireTxHandler::authenticated_encrypt_update(
   const ceph::bufferlist& plaintext)
 {
+  ceph_assert(buffer.get_append_buffer_unused_tail_length() >=
+              plaintext.length());
   auto filler = buffer.append_hole(plaintext.length());
 
   for (const auto& plainbuf : plaintext.buffers()) {
@@ -129,6 +132,8 @@ void AES128GCM_OnWireTxHandler::authenticated_encrypt_update(
 ceph::bufferlist AES128GCM_OnWireTxHandler::authenticated_encrypt_final()
 {
   int final_len = 0;
+  ceph_assert(buffer.get_append_buffer_unused_tail_length() ==
+              AESGCM_BLOCK_LEN);
   auto filler = buffer.append_hole(AESGCM_BLOCK_LEN);
   if(1 != EVP_EncryptFinal_ex(ectx.get(),
 	reinterpret_cast<unsigned char*>(filler.c_str()),