From d8a3482070ee6fc1f5cf170a38975eb3f01e3df3 Mon Sep 17 00:00:00 2001 From: "Chris (SPG) McGee" Date: Wed, 29 May 2024 15:11:25 -0400 Subject: [PATCH] Memory safety and security fixes Reduce the use of unsafe swift constructs in favour of ones that are memory safe. In the HTTP client remove the use of the unsafe mutable pointer in favour of direct Data conversion before writing the downloaded file to disk. Upgrade the version of libarchive to 3.7.4, which includes some fixes. Fix the changes to the SwiftlyHTTPClient that changed it to use the shared async HTTPClient. That broke the interactions with the GitHub REST API's. Update to the new async http client that fixes problems with decompression limits. --- Package.resolved | 7 ++++--- Package.swift | 2 +- Sources/SwiftlyCore/HTTPClient.swift | 12 ++---------- scripts/install-libarchive.sh | 2 +- 4 files changed, 8 insertions(+), 15 deletions(-) diff --git a/Package.resolved b/Package.resolved index b8056cc4..a5184e17 100644 --- a/Package.resolved +++ b/Package.resolved @@ -1,12 +1,13 @@ { + "originHash" : "4e45e73ff02865a9bd0426ba4c6cd8dfcb967e62e7663128dd262908109e1487", "pins" : [ { "identity" : "async-http-client", "kind" : "remoteSourceControl", "location" : "https://github.com/swift-server/async-http-client", "state" : { - "revision" : "fb308ee72f3d4c082a507033f94afa7395963ef3", - "version" : "1.21.0" + "revision" : "0ae99db85b2b9d1e79b362bd31fd1ffe492f7c47", + "version" : "1.21.2" } }, { @@ -136,5 +137,5 @@ } } ], - "version" : 2 + "version" : 3 } diff --git a/Package.swift b/Package.swift index f83db382..0acbf01d 100644 --- a/Package.swift +++ b/Package.swift @@ -13,7 +13,7 @@ let package = Package( ], dependencies: [ .package(url: "https://github.com/apple/swift-argument-parser", from: "1.3.0"), - .package(url: "https://github.com/swift-server/async-http-client", from: "1.21.0"), + .package(url: "https://github.com/swift-server/async-http-client", from: "1.21.2"), .package(url: "https://github.com/apple/swift-nio.git", from: "2.64.0"), .package(url: "https://github.com/apple/swift-tools-support-core.git", from: "0.6.1"), ], diff --git a/Sources/SwiftlyCore/HTTPClient.swift b/Sources/SwiftlyCore/HTTPClient.swift index e2486ca8..33d854bd 100644 --- a/Sources/SwiftlyCore/HTTPClient.swift +++ b/Sources/SwiftlyCore/HTTPClient.swift @@ -11,10 +11,8 @@ public protocol HTTPRequestExecutor { /// An `HTTPRequestExecutor` backed by an `HTTPClient`. internal struct HTTPRequestExecutorImpl: HTTPRequestExecutor { - fileprivate static let client = HTTPClientWrapper() - public func execute(_ request: HTTPClientRequest, timeout: TimeAmount) async throws -> HTTPClientResponse { - try await Self.client.inner.execute(request, timeout: timeout) + try await HTTPClient.shared.execute(request, timeout: timeout) } } @@ -166,9 +164,7 @@ public struct SwiftlyHTTPClient { for try await buffer in response.body { receivedBytes += buffer.readableBytes - try buffer.withUnsafeReadableBytes { bufferPtr in - try fileHandle.write(contentsOf: bufferPtr) - } + try fileHandle.write(contentsOf: buffer.readableBytesView) let now = Date() if let reportProgress, lastUpdate.distance(to: now) > 0.25 || receivedBytes == expectedBytes { @@ -183,7 +179,3 @@ public struct SwiftlyHTTPClient { try fileHandle.synchronize() } } - -private class HTTPClientWrapper { - fileprivate let inner = HTTPClient.shared -} diff --git a/scripts/install-libarchive.sh b/scripts/install-libarchive.sh index b6c492f9..728f59ef 100755 --- a/scripts/install-libarchive.sh +++ b/scripts/install-libarchive.sh @@ -3,7 +3,7 @@ set -o errexit # TODO detect platform -LIBARCHIVE_VERSION=3.6.1 +LIBARCHIVE_VERSION=3.7.4 mkdir /tmp/archive-build pushd /tmp/archive-build