From 4c90bee02621da12a6e748d48d43712a6d5a05cd Mon Sep 17 00:00:00 2001
From: K Pamnany <kpamnany@users.noreply.github.com>
Date: Thu, 26 Oct 2023 14:51:32 -0400
Subject: [PATCH] Add GC-safe regions around `ssl_read` and `ssl_write`

---
 src/ssl.jl | 34 ++++++++++++++++++++++++++++------
 1 file changed, 28 insertions(+), 6 deletions(-)

diff --git a/src/ssl.jl b/src/ssl.jl
index d4f736e..876468b 100644
--- a/src/ssl.jl
+++ b/src/ssl.jl
@@ -702,10 +702,21 @@ https://tls.mbed.org/api/ssl_8h.html#aa2c29eeb1deaf5ad9f01a7515006ede5
 """
 function ssl_read(ctx::SSLContext, ptr, n)::Int
     @lockdata ctx begin
-        return ccall((:mbedtls_ssl_read, libmbedtls), Cint,
-                     (Ptr{Cvoid}, Ptr{Cvoid}, Csize_t),
-                     ctx.data, ptr, n)
+        ccd = Base.cconvert(Ptr{Cvoid}, ctx.data)
+        cptr = Base.cconvert(Ptr{Cvoid}, ptr)
+        GC.@preserve ccd cptr begin
+            # Allow Julia to GC while reading/decrypting
+            gc_state = @ccall(jl_gc_safe_enter()::Int8)
+            ret = ccall((:mbedtls_ssl_read, libmbedtls), Cint,
+                        (Ptr{Cvoid}, Ptr{Cvoid}, Csize_t),
+                        Base.unsafe_convert(Ptr{Cvoid}, ccd)::Ptr{Cvoid},
+                        Base.unsafe_convert(Ptr{Cvoid}, cptr)::Ptr{Cvoid},
+                        n)
+            # Leave GC-safe region, waiting for GC to complete if it's running
+            @ccall(jl_gc_safe_leave(gc_state::Int8)::Cvoid)
+        end
     end
+    return ret
 end
 
 """
@@ -727,10 +738,21 @@ https://tls.mbed.org/api/ssl_8h.html#a5bbda87d484de82df730758b475f32e5
 """
 function ssl_write(ctx::SSLContext, ptr, n)::Int
     @lockdata ctx begin
-        return ccall((:mbedtls_ssl_write, libmbedtls), Cint,
-                     (Ptr{Cvoid}, Ptr{Cvoid}, Csize_t),
-                     ctx.data, ptr, n)
+        ccd = Base.cconvert(Ptr{Cvoid}, ctx.data)
+        cptr = Base.cconvert(Ptr{Cvoid}, ptr)
+        GC.@preserve ccd cptr begin
+            # Allow Julia to GC while writing/encrypting
+            gc_state = @ccall(jl_gc_safe_enter()::Int8)
+            ret = ccall((:mbedtls_ssl_write, libmbedtls), Cint,
+                        (Ptr{Cvoid}, Ptr{Cvoid}, Csize_t),
+                        Base.unsafe_convert(Ptr{Cvoid}, ccd)::Ptr{Cvoid},
+                        Base.unsafe_convert(Ptr{Cvoid}, cptr)::Ptr{Cvoid},
+                        n)
+            # Leave GC-safe region, waiting for GC to complete if it's running
+            @ccall(jl_gc_safe_leave(gc_state::Int8)::Cvoid)
+        end
     end
+    return ret
 end
 
 """