enarx-archive · enarxbot · Dec 1, 2020 · Nov 26, 2020
diff --git a/internal/shim-sgx/src/handler.rs b/internal/shim-sgx/src/handler.rs
@@ -397,8 +397,10 @@ impl<'a> SyscallHandler for Handler<'a> {
         let mut ti = [0u8; 512];
         let ti_len = ti.len();
         let c = self.new_cursor();
-        c.copy_into_slice(buf_len, ti.as_mut(), ti_len)
-            .or(Err(libc::EFAULT))?;
+        unsafe {
+            c.copy_into_slice(buf_len, &mut ti[..ti_len])
+                .or(Err(libc::EFAULT))?;
+        }
         // ... Code to generate Report goes here ...
 
         // Request Quote from host
@@ -419,8 +421,10 @@ impl<'a> SyscallHandler for Handler<'a> {
             self.attacked()
         }
 
-        c.copy_into_slice(buf_len, buf.as_mut(), result_len)
-            .or(Err(libc::EFAULT))?;
+        unsafe {
+            c.copy_into_slice(buf_len, &mut buf[..result_len])
+                .or(Err(libc::EFAULT))?;
+        }
 
         let rep: sallyport::Reply = Ok([result[0], SGX_TECH.into()]).into();
         sallyport::Result::from(rep)

diff --git a/internal/syscall/src/lib.rs b/internal/syscall/src/lib.rs
@@ -201,8 +201,10 @@ pub trait SyscallHandler: AddressValidator + Sized {
         }
 
         let c = self.new_cursor();
-        c.copy_into_slice(count, buf[..count].as_mut(), result_len)
-            .or(Err(libc::EFAULT))?;
+        unsafe {
+            c.copy_into_slice(count, &mut buf[..result_len].as_mut())
+                .or(Err(libc::EFAULT))?;
+        }
 
         Ok(ret)
     }
@@ -590,8 +592,10 @@ pub trait SyscallHandler: AddressValidator + Sized {
 
         let c = self.new_cursor();
 
-        c.copy_into_slice(nfds as _, fds, nfds as _)
-            .or(Err(libc::EMSGSIZE))?;
+        unsafe {
+            c.copy_into_slice(nfds as _, &mut fds[..(nfds as usize)])
+                .or(Err(libc::EMSGSIZE))?;
+        }
 
         Ok(result)
     }

diff --git a/src/sallyport/mod.rs b/src/sallyport/mod.rs
@@ -249,24 +249,23 @@ impl<'short, 'a: 'short> Cursor<'a> {
         Ok((c, dst))
     }
 
-    /// Copies data from a slice into the cursor buffer using self.alloc().
+    /// Copies data from a cursor buffer into a slice advancing the cursor.
+    ///
+    /// # Parameters
+    ///
+    /// * `src_len`: the amount of elements, the cursor is advanced after copying
+    /// * `dst`: the destination slice
+    ///
+    /// # Safety
+    /// The caller has to ensure the `Cursor` contains valid data of the type
+    /// of the destination slice.
     #[allow(dead_code)]
-    pub fn copy_into_slice<T: Copy>(
+    pub unsafe fn copy_into_slice<T: 'a + Copy>(
         self,
         src_len: usize,
         dst: &mut [T],
-        dst_len: usize,
     ) -> core::result::Result<Cursor<'a>, OutOfSpace> {
-        assert!(src_len >= dst_len);
-        assert!(dst.len() >= dst_len);
-
-        let (c, src) = self.alloc::<T>(src_len)?;
-
-        unsafe {
-            core::ptr::copy_nonoverlapping(src.as_ptr(), dst.as_mut_ptr() as _, dst_len);
-        }
-
-        Ok(c)
+        self.copy_into_raw_parts(src_len, dst.as_mut_ptr(), dst.len())
     }
 
     /// Copies data from a raw slice pointer into the cursor buffer using self.alloc().
@@ -566,4 +565,42 @@ mod tests {
 
         Ok(())
     }
+
+    #[test]
+    fn copy_into_slice() -> std::result::Result<(), OutOfSpace> {
+        let mut block = Block::default();
+
+        let c = block.cursor();
+        let (c, slab1) = c
+            .copy_from_slice::<usize>(&[1, 2])
+            .expect("allocate slab of 2 usize values for the first time");
+
+        let (c, slab2) = c
+            .copy_from_slice::<usize>(&[3, 4])
+            .expect("allocate slab of 2 usize values for the second time");
+
+        let (_c, slab3) = c
+            .copy_from_slice::<usize>(&[5, 6])
+            .expect("allocate slab of 2 usize values for the third time");
+
+        assert_eq!(slab1, &[1, 2]);
+        assert_eq!(slab2, &[3, 4]);
+        assert_eq!(slab3, &[5, 6]);
+
+        let c = block.cursor();
+
+        let mut slab_all = [0usize; 3];
+
+        let c = unsafe { c.copy_into_slice::<usize>(4, &mut slab_all) }?;
+
+        assert_eq!(&slab_all, &[1, 2, 3]);
+
+        let mut slab_all = [0usize; 2];
+
+        let _ = unsafe { c.copy_into_slice::<usize>(2, &mut slab_all) }?;
+
+        assert_eq!(&slab_all, &[5, 6]);
+
+        Ok(())
+    }
 }