Use (de)alloc for allocate and free_mem

This makes the allocator explicitly responsible for the memory allocated, preventing any clobbering.
dusk-network · May 8, 2024 · cd51ce0 · cd51ce0
1 parent b24bfd7
commit cd51ce0
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 8 deletions.
diff --git a/assets/dusk_wallet_core.wasm b/assets/dusk_wallet_core.wasm
diff --git a/src/ffi.rs b/src/ffi.rs
@@ -6,7 +6,10 @@
 
 //! FFI bindings exposed to WASM module.
 
-use alloc::{vec, vec::Vec};
+use alloc::{
+    alloc::{alloc, dealloc, Layout},
+    vec::Vec,
+};
 use core::mem;
 
 use dusk_bytes::Serializable;
@@ -15,22 +18,28 @@ use sha2::{Digest, Sha512};
 
 use crate::{key, tx, types, utils, MAX_KEY, MAX_LEN};
 
+/// The alignment of the memory allocated by the FFI.
+///
+/// This is 1 because we're not allocating any complex data structures, and
+/// just interacting with the memory directly.
+const ALIGNMENT: usize = 1;
+
 /// Allocates a buffer of `len` bytes on the WASM memory.
 #[no_mangle]
 pub fn allocate(len: i32) -> i32 {
-    let bytes = vec![0u8; len as usize];
-    let ptr = bytes.as_ptr();
-    mem::forget(bytes);
-    ptr as i32
+    unsafe {
+        let layout = Layout::from_size_align_unchecked(len as usize, ALIGNMENT);
+        let ptr = alloc(layout);
+        ptr as _
+    }
 }
 
 /// Frees a previously allocated buffer on the WASM memory.
 #[no_mangle]
 pub fn free_mem(ptr: i32, len: i32) {
-    let ptr = ptr as *mut u8;
-    let len = len as usize;
     unsafe {
-        Vec::from_raw_parts(ptr, len, len);
+        let layout = Layout::from_size_align_unchecked(len as usize, ALIGNMENT);
+        dealloc(ptr as _, layout);
     }
 }