Fix wasm panic caused by a race condition in IotaDocument and `Core…

…Document` (#1258)
iotaledger · Nov 2, 2023 · 867cb9d · 867cb9d
1 parent 2ddfc65
commit 867cb9d
Show file tree

Hide file tree

Showing 10 changed files with 562 additions and 313 deletions.
diff --git a/bindings/wasm/docs/api-reference.md b/bindings/wasm/docs/api-reference.md
diff --git a/bindings/wasm/src/common/imported_document_lock.rs b/bindings/wasm/src/common/imported_document_lock.rs
@@ -11,6 +11,7 @@ use crate::did::ArrayIToCoreDocument;
 use crate::did::CoreDocumentLock;
 use crate::did::IToCoreDocument;
 use crate::did::WasmCoreDocument;
+use crate::error::Result;
 use crate::iota::IotaDocumentLock;
 use crate::iota::WasmIotaDocument;
 
@@ -27,13 +28,13 @@ pub(crate) enum ImportedDocumentLock {
 
 impl ImportedDocumentLock {
   /// Obtain a read guard which implements `AsRef<CoreDocument>`.
-  pub(crate) fn blocking_read(&self) -> ImportedDocumentReadGuard<'_> {
+  pub(crate) fn try_read(&self) -> Result<ImportedDocumentReadGuard<'_>> {
     match self {
-      Self::Iota(lock) => ImportedDocumentReadGuard(tokio::sync::RwLockReadGuard::map(
-        lock.blocking_read(),
+      Self::Iota(lock) => Ok(ImportedDocumentReadGuard(tokio::sync::RwLockReadGuard::map(
+        lock.try_read()?,
         IotaDocument::core_document,
-      )),
-      Self::Core(lock) => ImportedDocumentReadGuard(lock.blocking_read()),
+      ))),
+      Self::Core(lock) => Ok(ImportedDocumentReadGuard(lock.try_read()?)),
     }
   }
   /// Must only be called on values implementing `IToCoreDocument`.

diff --git a/bindings/wasm/src/credential/domain_linkage_validator.rs b/bindings/wasm/src/credential/domain_linkage_validator.rs
@@ -60,7 +60,7 @@ impl WasmJwtDomainLinkageValidator {
   ) -> Result<()> {
     let domain = Url::parse(domain).wasm_result()?;
     let doc = ImportedDocumentLock::from(issuer);
-    let doc_guard = doc.blocking_read();
+    let doc_guard = doc.try_read()?;
     self
       .validator
       .validate_linkage(&doc_guard, &configuration.0, &domain, &options.0)
@@ -81,7 +81,7 @@ impl WasmJwtDomainLinkageValidator {
   ) -> Result<()> {
     let domain = Url::parse(domain).wasm_result()?;
     let doc = ImportedDocumentLock::from(issuer);
-    let doc_guard = doc.blocking_read();
+    let doc_guard = doc.try_read()?;
     self
       .validator
       .validate_credential(&doc_guard, &credentialJwt.0, &domain, &options.0)

diff --git a/bindings/wasm/src/credential/jwt_credential_validation/jwt_credential_validator.rs b/bindings/wasm/src/credential/jwt_credential_validation/jwt_credential_validator.rs
@@ -78,7 +78,7 @@ impl WasmJwtCredentialValidator {
     fail_fast: WasmFailFast,
   ) -> Result<WasmDecodedJwtCredential> {
     let issuer_lock = ImportedDocumentLock::from(issuer);
-    let issuer_guard = issuer_lock.blocking_read();
+    let issuer_guard = issuer_lock.try_read()?;
 
     self
       .0
@@ -112,8 +112,12 @@ impl WasmJwtCredentialValidator {
     options: &WasmJwsVerificationOptions,
   ) -> Result<WasmDecodedJwtCredential> {
     let issuer_locks: Vec<ImportedDocumentLock> = trustedIssuers.into();
-    let trusted_issuers: Vec<ImportedDocumentReadGuard<'_>> =
-      issuer_locks.iter().map(ImportedDocumentLock::blocking_read).collect();
+    let trusted_issuers: Vec<ImportedDocumentReadGuard<'_>> = issuer_locks
+      .iter()
+      .map(ImportedDocumentLock::try_read)
+      .collect::<Result<Vec<ImportedDocumentReadGuard<'_>>>>(
+    )?;
+
     self
       .0
       .verify_signature(&credential.0, &trusted_issuers, &options.0)
@@ -157,8 +161,11 @@ impl WasmJwtCredentialValidator {
     statusCheck: WasmStatusCheck,
   ) -> Result<()> {
     let issuer_locks: Vec<ImportedDocumentLock> = trustedIssuers.into();
-    let trusted_issuers: Vec<ImportedDocumentReadGuard<'_>> =
-      issuer_locks.iter().map(ImportedDocumentLock::blocking_read).collect();
+    let trusted_issuers: Vec<ImportedDocumentReadGuard<'_>> = issuer_locks
+      .iter()
+      .map(ImportedDocumentLock::try_read)
+      .collect::<Result<Vec<ImportedDocumentReadGuard<'_>>>>(
+    )?;
     let status_check: StatusCheck = statusCheck.into();
     JwtCredentialValidatorUtils::check_status(&credential.0, &trusted_issuers, status_check).wasm_result()
   }

diff --git a/bindings/wasm/src/credential/jwt_presentation_validation/jwt_presentation_validator.rs b/bindings/wasm/src/credential/jwt_presentation_validation/jwt_presentation_validator.rs
@@ -65,7 +65,7 @@ impl WasmJwtPresentationValidator {
     validation_options: &WasmJwtPresentationValidationOptions,
   ) -> Result<WasmDecodedJwtPresentation> {
     let holder_lock = ImportedDocumentLock::from(holder);
-    let holder_guard = holder_lock.blocking_read();
+    let holder_guard = holder_lock.try_read()?;
 
     self
       .0