picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

string-util: introduce explicit_zero_safe() 

The only real difference is that this wrapper can deal with NULL
pointer arguments, but only if the length is also zero.

CID 1396277
This commit is contained in:
Lennart Poettering 2018-10-24 21:00:15 +02:00
parent 7388cea30d
commit 87f5446311
5 changed files with 25 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/basic/string-util.c
View File

@ -1059,8 +1059,11 @@ typedef void *(*memset_t)(void *,int,size_t);
static volatile memset_t memset_func = memset;
void explicit_bzero(void *p, size_t l) {
memset_func(p, '\0', l);
void* explicit_bzero_safe(void *p, size_t l) {
if (l > 0)
memset_func(p, '\0', l);
return p;
}
#endif
@ -1070,7 +1073,7 @@ char* string_erase(char *x) {
/* A delicious drop of snake-oil! To be called on memory where
* we stored passphrases or so, after we used them. */
explicit_bzero(x, strlen(x));
explicit_bzero_safe(x, strlen(x));
return x;
}

11
src/basic/string-util.h
View File

@ -198,8 +198,15 @@ static inline void *memmem_safe(const void *haystack, size_t haystacklen, const
return memmem(haystack, haystacklen, needle, needlelen);
}
#if !HAVE_EXPLICIT_BZERO
void explicit_bzero(void *p, size_t l);
#if HAVE_EXPLICIT_BZERO
static inline void* explicit_bzero_safe(void *p, size_t l) {
if (l > 0)
explicit_bzero(p, l);
return p;
}
#else
void explicit_bzero_safe(void *p, size_t l);
#endif
char *string_erase(char *x);

2
src/reply-password/reply-password.c
View File

@ -95,7 +95,7 @@ int main(int argc, char *argv[]) {
r = send_on_socket(fd, argv[2], packet, length);
finish:
explicit_bzero(packet, length);
explicit_bzero_safe(packet, length);
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}

14
src/shared/ask-password-api.c
View File

@ -79,7 +79,7 @@ static int retrieve_key(key_serial_t serial, char ***ret) {
if (n < m)
break;
explicit_bzero(p, n);
explicit_bzero_safe(p, n);
free(p);
m *= 2;
}
@ -88,7 +88,7 @@ static int retrieve_key(key_serial_t serial, char ***ret) {
if (!l)
return -ENOMEM;
explicit_bzero(p, n);
explicit_bzero_safe(p, n);
*ret = l;
return 0;
@ -124,7 +124,7 @@ static int add_to_keyring(const char *keyname, AskPasswordFlags flags, char **pa
return r;
serial = add_key("user", keyname, p, n, KEY_SPEC_USER_KEYRING);
explicit_bzero(p, n);
explicit_bzero_safe(p, n);
if (serial == -1)
return -errno;
@ -349,7 +349,7 @@ int ask_password_tty(
if (!(flags & ASK_PASSWORD_SILENT))
backspace_string(ttyfd, passphrase);
explicit_bzero(passphrase, sizeof(passphrase));
explicit_bzero_safe(passphrase, sizeof(passphrase));
p = codepoint = 0;
} else if (IN_SET(c, '\b', 127)) {
@ -379,7 +379,7 @@ int ask_password_tty(
}
p = codepoint = q == (size_t) -1 ? p - 1 : q;
explicit_bzero(passphrase + p, sizeof(passphrase) - p);
explicit_bzero_safe(passphrase + p, sizeof(passphrase) - p);
} else if (!dirty && !(flags & ASK_PASSWORD_SILENT)) {
@ -430,7 +430,7 @@ int ask_password_tty(
}
x = strndup(passphrase, p);
explicit_bzero(passphrase, sizeof(passphrase));
explicit_bzero_safe(passphrase, sizeof(passphrase));
if (!x) {
r = -ENOMEM;
goto finish;
@ -681,7 +681,7 @@ int ask_password_agent(
l = strv_new("", NULL);
else
l = strv_parse_nulstr(passphrase+1, n-1);
explicit_bzero(passphrase, n);
explicit_bzero_safe(passphrase, n);
if (!l) {
r = -ENOMEM;
goto finish;

4
src/tty-ask-password-agent/tty-ask-password-agent.c
View File

@ -228,7 +228,7 @@ static int ask_password_plymouth(
r = 0;
finish:
explicit_bzero(buffer, sizeof(buffer));
explicit_bzero_safe(buffer, sizeof(buffer));
return r;
}
@ -275,7 +275,7 @@ static int send_passwords(const char *socket_name, char **passwords) {
r = (int) n;
finish:
explicit_bzero(packet, packet_length);
explicit_bzero_safe(packet, packet_length);
return r;
}