Double-check all host-pointers are outside of the enclave about openenclave HOT 6 CLOSED

Naturally, this applies to memory ranges.

from openenclave.

We should do this as part of the story around oegen

from openenclave.

Should this be promoted to a bug?
None of the host memory management is validated today as far as I could see. This means that something as simple as printf could lead to a compromized enclave.

from openenclave.

There are multiple ideas in this issue.

• For runtime functions, we will be doing a scrub for pointer checking as part of #22 for the public preview.
• For developer authored functions, the current CallEnclave/CallHost mechanisms take opaque void* type for developer defined parameter passing, and as with the prototype SDK, puts the responsibility on the developer to use the OE_IsWithinEnclave/OE_IsOutsideEnclave methods when validating their data structures.
• For the design principle, we want to move in the direction of stub generation via the oegen prototype to encapsulate host-enclave parameter passing, where we will then be able to enforce pointer boundary checking, as well as other semantics such as copy-on-enter/exit. This is currently out of scope for the public preview.

from openenclave.

Combining information from duplicate #214:

Refer to #212 for the fix to GetReport function.

from openenclave.

VVDN scrubbed the used of oe_is_outside_enclave in all existing boundary functions and fixed the remaining missing use in _HandleInitEnclave with PR #490, so closing out this task.

from openenclave.