fix(core): Clean up when constructor fails to reduce memory fragmentation.

[no changelog]
2024-11-18 21:48:13 +00:00 · 2024-03-26 09:47:14 +01:00 · 2024-03-26 09:47:14 +01:00 · 15e02be4e4
commit 15e02be4e4
parent 49a64cb3a1
10 changed files with 35 additions and 23 deletions
--- a/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-aes.h
+++ b/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-aes.h
@ -62,10 +62,8 @@ STATIC mp_obj_t mod_trezorcrypto_AES_make_new(const mp_obj_type_t *type,
                                              size_t n_args, size_t n_kw,
                                              const mp_obj_t *args) {
  mp_arg_check_num(n_args, n_kw, 2, 3, false);
-  mp_obj_AES_t *o = m_new_obj_with_finaliser(mp_obj_AES_t);
-  o->base.type = type;
-  o->mode = mp_obj_get_int(args[0]);
-  if (o->mode < ECB || o->mode > CTR) {
+  mp_int_t mode = mp_obj_get_int(args[0]);
+  if (mode < ECB || mode > CTR) {
    mp_raise_ValueError("Invalid AES mode");
  }
  mp_buffer_info_t key = {0};
@ -74,13 +72,19 @@ STATIC mp_obj_t mod_trezorcrypto_AES_make_new(const mp_obj_type_t *type,
    mp_raise_ValueError(
        "Invalid length of key (has to be 128, 192 or 256 bits)");
  }
+  mp_buffer_info_t iv = {0};
  if (n_args > 2) {
-    mp_buffer_info_t iv = {0};
    mp_get_buffer_raise(args[2], &iv, MP_BUFFER_READ);
    if (iv.len != AES_BLOCK_SIZE) {
      mp_raise_ValueError(
          "Invalid length of initialization vector (has to be 128 bits)");
    }
+  }
+
+  mp_obj_AES_t *o = m_new_obj_with_finaliser(mp_obj_AES_t);
+  o->base.type = type;
+  o->mode = mode;
+  if (iv.len != 0) {
    memcpy(o->iv, iv.buf, AES_BLOCK_SIZE);
  } else {
    memzero(o->iv, AES_BLOCK_SIZE);
--- a/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-blake2b.h
+++ b/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-blake2b.h
@ -98,6 +98,7 @@ STATIC mp_obj_t mod_trezorcrypto_Blake2b_make_new(const mp_obj_type_t *type,
  }

  if (res < 0) {
+    m_del_obj(mp_obj_Blake2b_t, o);
    mp_raise_ValueError("Invalid Blake2b parameters");
  }

--- a/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-blake2s.h
+++ b/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-blake2s.h
@ -98,6 +98,7 @@ STATIC mp_obj_t mod_trezorcrypto_Blake2s_make_new(const mp_obj_type_t *type,
  }

  if (res < 0) {
+    m_del_obj(mp_obj_Blake2s_t, o);
    mp_raise_ValueError("Invalid Blake2s parameters");
  }

--- a/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-cardano.h
+++ b/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-cardano.h
@ -113,6 +113,7 @@ STATIC mp_obj_t mod_trezorcrypto_from_secret(mp_obj_t secret) {
  o->base.type = &mod_trezorcrypto_HDNode_type;
  const int res = hdnode_from_secret_cardano(bufinfo.buf, &o->hdnode);
  if (res != 1) {
+    m_del_obj(mp_obj_HDNode_t, o);
    mp_raise_msg(&mp_type_RuntimeError,
                 "Unexpected failure in constructing Cardano node.");
  }
--- a/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-chacha20poly1305.h
+++ b/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-chacha20poly1305.h
@ -43,9 +43,6 @@ STATIC mp_obj_t mod_trezorcrypto_ChaCha20Poly1305_make_new(
    const mp_obj_type_t *type, size_t n_args, size_t n_kw,
    const mp_obj_t *args) {
  mp_arg_check_num(n_args, n_kw, 2, 2, false);
-  mp_obj_ChaCha20Poly1305_t *o =
-      m_new_obj_with_finaliser(mp_obj_ChaCha20Poly1305_t);
-  o->base.type = type;
  mp_buffer_info_t key = {0}, nonce = {0};
  mp_get_buffer_raise(args[0], &key, MP_BUFFER_READ);
  mp_get_buffer_raise(args[1], &nonce, MP_BUFFER_READ);
@ -55,7 +52,10 @@ STATIC mp_obj_t mod_trezorcrypto_ChaCha20Poly1305_make_new(
  if (nonce.len != 12) {
    mp_raise_ValueError("Invalid length of nonce");
  }
+  mp_obj_ChaCha20Poly1305_t *o =
+      m_new_obj_with_finaliser(mp_obj_ChaCha20Poly1305_t);
  rfc7539_init(&(o->ctx), key.buf, nonce.buf);
+  o->base.type = type;
  o->alen = 0;
  o->plen = 0;
  return MP_OBJ_FROM_PTR(o);
--- a/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-hmac.h
+++ b/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-hmac.h
@ -57,8 +57,6 @@ STATIC mp_obj_t mod_trezorcrypto_Hmac_make_new(const mp_obj_type_t *type,
                                               size_t n_args, size_t n_kw,
                                               const mp_obj_t *args) {
  mp_arg_check_num(n_args, n_kw, 2, 3, false);
-  mp_obj_Hmac_t *o = m_new_obj_with_finaliser(mp_obj_Hmac_t);
-  o->base.type = type;

  mp_buffer_info_t key = {0};
  mp_get_buffer_raise(args[1], &key, MP_BUFFER_READ);
@ -67,12 +65,15 @@ STATIC mp_obj_t mod_trezorcrypto_Hmac_make_new(const mp_obj_type_t *type,
    key.buf = "";
  }

+  mp_obj_Hmac_t *o = m_new_obj_with_finaliser(mp_obj_Hmac_t);
+  o->base.type = type;
  o->hashtype = trezor_obj_get_uint(args[0]);
  if (o->hashtype == SHA256) {
    hmac_sha256_Init(&(o->ctx256), key.buf, key.len);
  } else if (o->hashtype == SHA512) {
    hmac_sha512_Init(&(o->ctx512), key.buf, key.len);
  } else {
+    m_del_obj(mp_obj_Hmac_t, o);
    mp_raise_ValueError("Invalid hashtype");
  }
  // constructor called with message as third parameter
--- a/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-monero.h
+++ b/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-monero.h
@ -160,6 +160,7 @@ STATIC mp_obj_t mod_trezorcrypto_monero_ge25519_make_new(
  } else if (n_args == 1 && MP_OBJ_IS_STR_OR_BYTES(args[0])) {
    mp_unpack_ge25519(&o->p, args[0], 0);
  } else {
+    m_del_obj(mp_obj_ge25519_t, o);
    mp_raise_ValueError("Invalid ge25519 constructor");
  }

@ -202,6 +203,7 @@ STATIC mp_obj_t mod_trezorcrypto_monero_bignum256modm_make_new(
    uint64_t v = trezor_obj_get_uint64(args[0]);
    set256_modm(o->p, v);
  } else {
+    m_del_obj(mp_obj_bignum256modm_t, o);
    mp_raise_ValueError("Invalid scalar constructor");
  }

--- a/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-pbkdf2.h
+++ b/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-pbkdf2.h
@ -59,8 +59,6 @@ STATIC mp_obj_t mod_trezorcrypto_Pbkdf2_make_new(const mp_obj_type_t *type,
                                                 size_t n_args, size_t n_kw,
                                                 const mp_obj_t *args) {
  mp_arg_check_num(n_args, n_kw, 3, 4, false);
-  mp_obj_Pbkdf2_t *o = m_new_obj_with_finaliser(mp_obj_Pbkdf2_t);
-  o->base.type = type;

  mp_buffer_info_t password = {0};
  mp_get_buffer_raise(args[1], &password, MP_BUFFER_READ);
@ -79,7 +77,10 @@ STATIC mp_obj_t mod_trezorcrypto_Pbkdf2_make_new(const mp_obj_type_t *type,
    blocknr = trezor_obj_get_uint(args[4]);
  }

-  o->prf = trezor_obj_get_uint(args[0]);
+  mp_uint_t prf = trezor_obj_get_uint(args[0]);
+  mp_obj_Pbkdf2_t *o = m_new_obj_with_finaliser(mp_obj_Pbkdf2_t);
+  o->base.type = type;
+  o->prf = prf;
  if (o->prf == PRF_HMAC_SHA256) {
    pbkdf2_hmac_sha256_Init(&(o->ctx256), password.buf, password.len, salt.buf,
                            salt.len, blocknr);
@ -87,6 +88,7 @@ STATIC mp_obj_t mod_trezorcrypto_Pbkdf2_make_new(const mp_obj_type_t *type,
    pbkdf2_hmac_sha512_Init(&(o->ctx512), password.buf, password.len, salt.buf,
                            salt.len, blocknr);
  } else {
+    m_del_obj(mp_obj_Pbkdf2_t, o);
    mp_raise_ValueError("Invalid PRF");
  }
  // constructor called with iterations as fourth parameter
--- a/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-sha3-256.h
+++ b/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-sha3-256.h
@ -50,11 +50,6 @@ STATIC mp_obj_t mod_trezorcrypto_Sha3_256_make_new(const mp_obj_type_t *type,
                                                   size_t n_args, size_t n_kw,
                                                   const mp_obj_t *args) {
  mp_arg_check_num(n_args, n_kw, 0, 1, true);
-  mp_obj_Sha3_256_t *o = m_new_obj_with_finaliser(mp_obj_Sha3_256_t);
-  o->base.type = type;
-  o->keccak = 0;
-  sha3_256_Init(&(o->ctx));
-
  STATIC const mp_arg_t allowed_args[] = {
      {MP_QSTR_data, MP_ARG_OBJ, {.u_obj = mp_const_none}},
      {MP_QSTR_keccak, MP_ARG_OBJ | MP_ARG_KW_ONLY, {.u_obj = MP_OBJ_NULL}},
@ -62,6 +57,11 @@ STATIC mp_obj_t mod_trezorcrypto_Sha3_256_make_new(const mp_obj_type_t *type,
  mp_arg_val_t vals[MP_ARRAY_SIZE(allowed_args)] = {0};
  mp_arg_parse_all_kw_array(n_args, n_kw, args, MP_ARRAY_SIZE(allowed_args),
                            allowed_args, vals);
+
+  mp_obj_Sha3_256_t *o = m_new_obj_with_finaliser(mp_obj_Sha3_256_t);
+  o->base.type = type;
+  o->keccak = 0;
+  sha3_256_Init(&(o->ctx));
  if (vals[1].u_obj != MP_OBJ_NULL) {
    o->keccak = mp_obj_is_true(vals[1].u_obj);
  }
--- a/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-sha3-512.h
+++ b/core/embed/extmod/modtrezorcrypto/modtrezorcrypto-sha3-512.h
@ -50,11 +50,6 @@ STATIC mp_obj_t mod_trezorcrypto_Sha3_512_make_new(const mp_obj_type_t *type,
                                                   size_t n_args, size_t n_kw,
                                                   const mp_obj_t *args) {
  mp_arg_check_num(n_args, n_kw, 0, 1, true);
-  mp_obj_Sha3_512_t *o = m_new_obj_with_finaliser(mp_obj_Sha3_512_t);
-  o->base.type = type;
-  o->keccak = 0;
-  sha3_512_Init(&(o->ctx));
-
  STATIC const mp_arg_t allowed_args[] = {
      {MP_QSTR_data, MP_ARG_OBJ, {.u_obj = mp_const_none}},
      {MP_QSTR_keccak, MP_ARG_OBJ | MP_ARG_KW_ONLY, {.u_obj = MP_OBJ_NULL}},
@ -62,6 +57,11 @@ STATIC mp_obj_t mod_trezorcrypto_Sha3_512_make_new(const mp_obj_type_t *type,
  mp_arg_val_t vals[MP_ARRAY_SIZE(allowed_args)] = {0};
  mp_arg_parse_all_kw_array(n_args, n_kw, args, MP_ARRAY_SIZE(allowed_args),
                            allowed_args, vals);
+
+  mp_obj_Sha3_512_t *o = m_new_obj_with_finaliser(mp_obj_Sha3_512_t);
+  o->base.type = type;
+  o->keccak = 0;
+  sha3_512_Init(&(o->ctx));
  if (vals[1].u_obj != MP_OBJ_NULL) {
    o->keccak = mp_obj_is_true(vals[1].u_obj);
  }