Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix up lifetime handling of SecItemCopyMatching result parameter #15468

Merged
merged 7 commits into from
Jul 15, 2022
Merged

Fix up lifetime handling of SecItemCopyMatching result parameter #15468

merged 7 commits into from
Jul 15, 2022

Conversation

Therzok
Copy link
Contributor

@Therzok Therzok commented Jul 12, 2022

Docs state it's caller retained via Create rule

Therzok
Therzok commented Jul 12, 2022
View reviewed changes
src/Security/Items.cs
n = null;
if (status == SecStatusCode.Success){
if (max == 1)
return new NSData [] { Runtime.GetNSObject<NSData> (ptr, false)! };
return new NSData [] { Runtime.GetNSObject<NSData> (ptr, true)! };
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure what this is supposed to do.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To rephrase, it's possible that because we're not looking at this as a container of NSData, we would leak the other elements.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The native function is weird: it only returns an array if the limit is > 1:

"By default, this function returns only the first match found. To obtain more than one matching item at a time, specify the search key kSecMatchLimit with a value greater than 1. The result will be an object of type CFArrayRef containing up to that number of matching items."

This means the code is good as-is.

@rolfbjarne
Copy link
Member

It fails to compile:

Security/Items.cs(244,9): error CS1525: Invalid expression term ':'
Security/Items.cs(244,9): error CS1003: Syntax error, ',' expected
Security/Items.cs(244,11): error CS1003: Syntax error, ',' expected

Therzok
Therzok commented Jul 13, 2022
View reviewed changes
src/Security/Items.cs Outdated Show resolved Hide resolved
@Therzok
Copy link
Contributor Author

Therzok commented Jul 13, 2022

It fails to compile:

Security/Items.cs(244,9): error CS1525: Invalid expression term ':'
Security/Items.cs(244,9): error CS1003: Syntax error, ',' expected
Security/Items.cs(244,11): error CS1003: Syntax error, ',' expected

My vim fu is rusty, I accidentally dw an extra time. I had built it locally a few times as well

@vs-mobiletools-engineering-service2

This comment has been minimized.

Sign in to view
@vs-mobiletools-engineering-service2

This comment has been minimized.

Sign in to view
@vs-mobiletools-engineering-service2

This comment has been minimized.

Sign in to view
@vs-mobiletools-engineering-service2

This comment has been minimized.

Sign in to view
@vs-mobiletools-engineering-service2

This comment has been minimized.

Sign in to view
rolfbjarne
rolfbjarne requested changes Jul 14, 2022
View reviewed changes
src/Security/Items.cs Outdated Show resolved Hide resolved
src/Security/Items.cs Outdated Show resolved Hide resolved
@Therzok @rolfbjarne
Apply lifetime simplification
d3b25b6 
Co-authored-by: Rolf Bjarne Kvinge <[email protected]>
@vs-mobiletools-engineering-service2

This comment has been minimized.

Sign in to view
@vs-mobiletools-engineering-service2

This comment has been minimized.

Sign in to view
@vs-mobiletools-engineering-service2

This comment has been minimized.

Sign in to view
@vs-mobiletools-engineering-service2

This comment has been minimized.

Sign in to view
@vs-mobiletools-engineering-service2

This comment has been minimized.

Sign in to view
@vs-mobiletools-engineering-service2

This comment has been minimized.

Sign in to view
@vs-mobiletools-engineering-service2

This comment has been minimized.

Sign in to view
@vs-mobiletools-engineering-service2

This comment has been minimized.

Sign in to view
@vs-mobiletools-engineering-service2

This comment has been minimized.

Sign in to view
@Therzok Therzok marked this pull request as ready for review July 14, 2022 17:41
@Therzok Therzok requested a review from dalexsoto as a code owner July 14, 2022 17:41
@vs-mobiletools-engineering-service2
Copy link
Collaborator

💻 [PR Build] Tests on macOS Mac Catalina (10.15) passed 💻

All tests on macOS Mac Catalina (10.15) passed.

Pipeline on Agent
Hash: af36ecd0eb281338781d8b114d6bb741de020059 [PR build]

@vs-mobiletools-engineering-service2
Copy link
Collaborator

📚 [PR Build] Artifacts 📚

Packages generated

View packages

Pipeline on Agent XAMBOT-1044.Monterey'
Hash: af36ecd0eb281338781d8b114d6bb741de020059 [PR build]

@vs-mobiletools-engineering-service2
Copy link
Collaborator

✅ API diff for current PR / commit

Legacy Xamarin (No breaking changes)
.NET (No breaking changes)

✅ API diff vs stable

Legacy Xamarin (No breaking changes)
.NET (No breaking changes)
Legacy Xamarin (stable) vs .NET

✅ Generator diff

Generator diff is empty

Pipeline on Agent
Hash: af36ecd0eb281338781d8b114d6bb741de020059 [PR build]

@vs-mobiletools-engineering-service2
Copy link
Collaborator

❌ [PR Build] Tests on macOS M1 - Mac Big Sur (11.5) failed ❌

Failed tests are:

  • xammac_tests
  • monotouch-test

Pipeline on Agent
Hash: af36ecd0eb281338781d8b114d6bb741de020059 [PR build]

@vs-mobiletools-engineering-service2
Copy link
Collaborator

🚀 [CI Build] Test results 🚀

Test results

✅ All tests passed on VSTS: simulator tests.

🎉 All 223 tests passed 🎉

Tests counts

✅ bcl: All 69 tests passed. Html Report (VSDrops) Download
✅ cecil: All 1 tests passed. Html Report (VSDrops) Download
✅ dotnettests: All 1 tests passed. Html Report (VSDrops) Download
✅ fsharp: All 7 tests passed. Html Report (VSDrops) Download
✅ framework: All 8 tests passed. Html Report (VSDrops) Download
✅ generator: All 2 tests passed. Html Report (VSDrops) Download
✅ interdependent_binding_projects: All 7 tests passed. Html Report (VSDrops) Download
✅ install_source: All 1 tests passed. Html Report (VSDrops) Download
✅ introspection: All 8 tests passed. Html Report (VSDrops) Download
✅ linker: All 65 tests passed. Html Report (VSDrops) Download
✅ mac_binding_project: All 1 tests passed. Html Report (VSDrops) Download
✅ mmp: All 2 tests passed. Html Report (VSDrops) Download
✅ mononative: All 12 tests passed. Html Report (VSDrops) Download
✅ monotouch: All 23 tests passed. Html Report (VSDrops) Download
✅ msbuild: All 2 tests passed. Html Report (VSDrops) Download
✅ mtouch: All 1 tests passed. Html Report (VSDrops) Download
✅ xammac: All 3 tests passed. Html Report (VSDrops) Download
✅ xcframework: All 8 tests passed. Html Report (VSDrops) Download
✅ xtro: All 2 tests passed. Html Report (VSDrops) Download

Pipeline on Agent
Hash: [PR build]

rolfbjarne
rolfbjarne approved these changes Jul 15, 2022
View reviewed changes
src/Security/Items.cs
n = null;
if (status == SecStatusCode.Success){
if (max == 1)
return new NSData [] { Runtime.GetNSObject<NSData> (ptr, false)! };
return new NSData [] { Runtime.GetNSObject<NSData> (ptr, true)! };
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The native function is weird: it only returns an array if the limit is > 1:

"By default, this function returns only the first match found. To obtain more than one matching item at a time, specify the search key kSecMatchLimit with a value greater than 1. The result will be an object of type CFArrayRef containing up to that number of matching items."

This means the code is good as-is.

@rolfbjarne rolfbjarne merged commit c324882 into main Jul 15, 2022
@rolfbjarne rolfbjarne deleted the dev/therzok/secitemcopymatching-leak branch July 15, 2022 13:39
@rolfbjarne rolfbjarne added the notes-mention Deserves a mention in release notes label Jul 15, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rolfbjarne rolfbjarne rolfbjarne approved these changes

@dalexsoto dalexsoto Awaiting requested review from dalexsoto dalexsoto is a code owner

Assignees
No one assigned
Labels
notes-mention Deserves a mention in release notes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Therzok @rolfbjarne @vs-mobiletools-engineering-service2