When users pass a static-length array to C we currently CHECK its
length, asserting only if we are built in debug mode. In
production, we happily call JNI's `GetByteArrayRegion` with the
expected length, ignoring any errors. `GetByteArrayRegion`,
however, "THROWS ArrayIndexOutOfBoundsException: if one of the
indexes in the region is not valid.". While its somewhat unclear
what "THROWS" means in the context of a C API, it seems safe to
assume accessing return values after a "THROWS" condition is
undefined. Thus, we should ensure we check array lengths before
calling into C.
We do this here with a simple wrapper function added to
`org.ldk.util.InternalUtils` which checks an array is the correct
length before returning it.
(set_pfx, set_sfx) = self.consts.set_native_arr_contents(arr_name + "_arr", arr_len, ty_info)
ret_conv = ("int8_tArray " + arr_name + "_arr = " + self.consts.create_native_arr_call(arr_len, ty_info) + ";\n" + set_pfx, "")
arg_conv_cleanup = None
(set_pfx, set_sfx) = self.consts.set_native_arr_contents(arr_name + "_arr", arr_len, ty_info)
ret_conv = ("int8_tArray " + arr_name + "_arr = " + self.consts.create_native_arr_call(arr_len, ty_info) + ";\n" + set_pfx, "")
arg_conv_cleanup = None
if not arr_len.isdigit():
arg_conv = ty_info.rust_obj + " " + arr_name + "_ref;\n"
arg_conv = arg_conv + arr_name + "_ref." + arr_len + " = " + self.consts.get_native_arr_len_call[0] + arr_name + self.consts.get_native_arr_len_call[1] + ";\n"
if not arr_len.isdigit():
arg_conv = ty_info.rust_obj + " " + arr_name + "_ref;\n"
arg_conv = arg_conv + arr_name + "_ref." + arr_len + " = " + self.consts.get_native_arr_len_call[0] + arr_name + self.consts.get_native_arr_len_call[1] + ";\n"
arg_conv = arg_conv + "CHECK(" + self.consts.get_native_arr_len_call[0] + arr_name + self.consts.get_native_arr_len_call[1] + " == " + arr_len + ");\n"
arg_conv = arg_conv + self.consts.get_native_arr_contents(arr_name, arr_name + "_ref." + ty_info.arr_access, arr_len, ty_info, True) + ";"
ret_conv = (ret_conv[0], "." + ty_info.arr_access + set_sfx + ";")
arg_conv = arg_conv + "CHECK(" + self.consts.get_native_arr_len_call[0] + arr_name + self.consts.get_native_arr_len_call[1] + " == " + arr_len + ");\n"
arg_conv = arg_conv + self.consts.get_native_arr_contents(arr_name, arr_name + "_ref." + ty_info.arr_access, arr_len, ty_info, True) + ";"
ret_conv = (ret_conv[0], "." + ty_info.arr_access + set_sfx + ";")
+ from_hu_conv = ("InternalUtils.check_arr_len(" + arr_name + ", " + arr_len + ")", "")
else:
arg_conv = "unsigned char " + arr_name + "_arr[" + arr_len + "];\n"
arg_conv = arg_conv + "CHECK(" + self.consts.get_native_arr_len_call[0] + arr_name + self.consts.get_native_arr_len_call[1] + " == " + arr_len + ");\n"
arg_conv = arg_conv + self.consts.get_native_arr_contents(arr_name, arr_name + "_arr", arr_len, ty_info, True) + ";\n"
arg_conv = arg_conv + "unsigned char (*" + arr_name + "_ref)[" + arr_len + "] = &" + arr_name + "_arr;"
ret_conv = (ret_conv[0] + "*", set_sfx + ";")
else:
arg_conv = "unsigned char " + arr_name + "_arr[" + arr_len + "];\n"
arg_conv = arg_conv + "CHECK(" + self.consts.get_native_arr_len_call[0] + arr_name + self.consts.get_native_arr_len_call[1] + " == " + arr_len + ");\n"
arg_conv = arg_conv + self.consts.get_native_arr_contents(arr_name, arr_name + "_arr", arr_len, ty_info, True) + ";\n"
arg_conv = arg_conv + "unsigned char (*" + arr_name + "_ref)[" + arr_len + "] = &" + arr_name + "_arr;"
ret_conv = (ret_conv[0] + "*", set_sfx + ";")
+ from_hu_conv = ("InternalUtils.check_arr_len(" + arr_name + ", " + arr_len + ")", "")
return ConvInfo(ty_info = ty_info, arg_name = ty_info.var_name,
arg_conv = arg_conv, arg_conv_name = arr_name + "_ref", arg_conv_cleanup = arg_conv_cleanup,
return ConvInfo(ty_info = ty_info, arg_name = ty_info.var_name,
arg_conv = arg_conv, arg_conv_name = arr_name + "_ref", arg_conv_cleanup = arg_conv_cleanup,
- ret_conv = ret_conv, ret_conv_name = arr_name + "_arr", to_hu_conv = None, to_hu_conv_name = None, from_hu_conv = None)
+ ret_conv = ret_conv, ret_conv_name = arr_name + "_arr", to_hu_conv = None, to_hu_conv_name = None,
+ from_hu_conv = from_hu_conv)
else:
assert not arr_len.isdigit() # fixed length arrays not implemented
assert ty_info.java_ty[len(ty_info.java_ty) - 2:] == "[]"
else:
assert not arr_len.isdigit() # fixed length arrays not implemented
assert ty_info.java_ty[len(ty_info.java_ty) - 2:] == "[]"
self.util_fn_pfx = """package org.ldk.structs;
import org.ldk.impl.bindings;
self.util_fn_pfx = """package org.ldk.structs;
import org.ldk.impl.bindings;
+import org.ldk.enums.*;
+import org.ldk.util.*;
import java.util.Arrays;
import javax.annotation.Nullable;
import java.util.Arrays;
import javax.annotation.Nullable;
public class UtilMethods {
"""
public class UtilMethods {
"""
--- /dev/null
+package org.ldk.util;
+
+public class InternalUtils {
+ public static byte[] check_arr_len(byte[] arr, int length) throws IllegalArgumentException {
+ if (arr.length != length) {
+ throw new IllegalArgumentException("Array must be of fixed size " + length + " but was of length " + arr.length);
+ }
+ return arr;
+ }
+}