Merge pull request #5237 from keszybz/explicit-bzero
Use `explicit_bzero`
commit
9194199c98
|
@ -331,13 +331,15 @@ AC_CHECK_DECLS([
|
||||||
kcmp,
|
kcmp,
|
||||||
keyctl,
|
keyctl,
|
||||||
LO_FLAGS_PARTSCAN,
|
LO_FLAGS_PARTSCAN,
|
||||||
copy_file_range],
|
copy_file_range,
|
||||||
|
explicit_bzero],
|
||||||
[], [], [[
|
[], [], [[
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#include <sys/mount.h>
|
#include <sys/mount.h>
|
||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
#include <sched.h>
|
#include <sched.h>
|
||||||
|
#include <string.h>
|
||||||
#include <linux/loop.h>
|
#include <linux/loop.h>
|
||||||
#include <linux/random.h>
|
#include <linux/random.h>
|
||||||
]])
|
]])
|
||||||
|
|
|
@ -821,6 +821,7 @@ int free_and_strdup(char **p, const char *s) {
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if !HAVE_DECL_EXPLICIT_BZERO
|
||||||
/*
|
/*
|
||||||
* Pointer to memset is volatile so that compiler must de-reference
|
* Pointer to memset is volatile so that compiler must de-reference
|
||||||
* the pointer and can't assume that it points to any function in
|
* the pointer and can't assume that it points to any function in
|
||||||
|
@ -831,19 +832,19 @@ typedef void *(*memset_t)(void *,int,size_t);
|
||||||
|
|
||||||
static volatile memset_t memset_func = memset;
|
static volatile memset_t memset_func = memset;
|
||||||
|
|
||||||
void* memory_erase(void *p, size_t l) {
|
void explicit_bzero(void *p, size_t l) {
|
||||||
return memset_func(p, 'x', l);
|
memset_func(p, '\0', l);
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
char* string_erase(char *x) {
|
char* string_erase(char *x) {
|
||||||
|
|
||||||
if (!x)
|
if (!x)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
/* A delicious drop of snake-oil! To be called on memory where
|
/* A delicious drop of snake-oil! To be called on memory where
|
||||||
* we stored passphrases or so, after we used them. */
|
* we stored passphrases or so, after we used them. */
|
||||||
|
explicit_bzero(x, strlen(x));
|
||||||
return memory_erase(x, strlen(x));
|
return x;
|
||||||
}
|
}
|
||||||
|
|
||||||
char *string_free_erase(char *s) {
|
char *string_free_erase(char *s) {
|
||||||
|
|
|
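Review bot: string_erase() clears only `strlen(x)` bytes, so anything stored after the first NUL byte of the buffer is left in place, and after this change it returns a pointer to an empty string rather than a run of 'x'. The existing "snake-oil" comment says neither; I would add `/* Clears up to the first NUL only and returns x, now an empty string; buffers with embedded NULs need explicit_bzero() with their real length. */` above the call. For the fallback, a one-line comment next to `#if !HAVE_DECL_EXPLICIT_BZERO`, such as `/* Used only when libc does not declare explicit_bzero(); returns nothing, unlike the old memory_erase(). */`, would tell readers when this definition is compiled in. The block comment on memset_func runs past the end of the first hunk.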
@ -189,7 +189,10 @@ static inline void *memmem_safe(const void *haystack, size_t haystacklen, const
|
||||||
return memmem(haystack, haystacklen, needle, needlelen);
|
return memmem(haystack, haystacklen, needle, needlelen);
|
||||||
}
|
}
|
||||||
|
|
||||||
void* memory_erase(void *p, size_t l);
|
#if !HAVE_DECL_EXPLICIT_BZERO
|
||||||
|
void explicit_bzero(void *p, size_t l);
|
||||||
|
#endif
|
||||||
|
|
||||||
char *string_erase(char *x);
|
char *string_erase(char *x);
|
||||||
|
|
||||||
char *string_free_erase(char *s);
|
char *string_free_erase(char *s);
|
||||||
|
|
|
@ -686,7 +686,9 @@ static int parse_argv(int argc, char *argv[]) {
|
||||||
r = free_and_strdup(&arg_verify_key, optarg);
|
r = free_and_strdup(&arg_verify_key, optarg);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
string_erase(optarg);
|
/* Use memset not string_erase so this doesn't look confusing
|
||||||
|
* in ps or htop output. */
|
||||||
|
memset(optarg, 'x', strlen(optarg));
|
||||||
|
|
||||||
arg_merge = false;
|
arg_merge = false;
|
||||||
break;
|
break;
|
||||||
|
|
|
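Review bot: The overwrite of `optarg` in parse_argv only shortens the exposure of the verification key: the value is readable from the process command line from exec until this line runs, and the copy made by `free_and_strdup(&arg_verify_key, optarg)` is not touched here. The new comment explains the choice of 'x' but not that limit; I would extend it, e.g. `/* Best effort only: the key was visible in the command line until now, and arg_verify_key still holds a copy. */`. Whether arg_verify_key is erased before exit is not visible in this hunk. parse_argv starts and ends outside the hunk.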
@ -90,7 +90,7 @@ int main(int argc, char *argv[]) {
|
||||||
r = send_on_socket(fd, argv[2], packet, length);
|
r = send_on_socket(fd, argv[2], packet, length);
|
||||||
|
|
||||||
finish:
|
finish:
|
||||||
memory_erase(packet, sizeof(packet));
|
explicit_bzero(packet, sizeof(packet));
|
||||||
|
|
||||||
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
|
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
|
@ -95,7 +95,7 @@ static int retrieve_key(key_serial_t serial, char ***ret) {
|
||||||
if (n < m)
|
if (n < m)
|
||||||
break;
|
break;
|
||||||
|
|
||||||
memory_erase(p, n);
|
explicit_bzero(p, n);
|
||||||
free(p);
|
free(p);
|
||||||
m *= 2;
|
m *= 2;
|
||||||
}
|
}
|
||||||
|
@ -104,7 +104,7 @@ static int retrieve_key(key_serial_t serial, char ***ret) {
|
||||||
if (!l)
|
if (!l)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
memory_erase(p, n);
|
explicit_bzero(p, n);
|
||||||
|
|
||||||
*ret = l;
|
*ret = l;
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -140,7 +140,7 @@ static int add_to_keyring(const char *keyname, AskPasswordFlags flags, char **pa
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
serial = add_key("user", keyname, p, n, KEY_SPEC_USER_KEYRING);
|
serial = add_key("user", keyname, p, n, KEY_SPEC_USER_KEYRING);
|
||||||
memory_erase(p, n);
|
explicit_bzero(p, n);
|
||||||
if (serial == -1)
|
if (serial == -1)
|
||||||
return -errno;
|
return -errno;
|
||||||
|
|
||||||
|
@ -390,7 +390,7 @@ int ask_password_tty(
|
||||||
}
|
}
|
||||||
|
|
||||||
x = strndup(passphrase, p);
|
x = strndup(passphrase, p);
|
||||||
memory_erase(passphrase, p);
|
explicit_bzero(passphrase, p);
|
||||||
if (!x) {
|
if (!x) {
|
||||||
r = -ENOMEM;
|
r = -ENOMEM;
|
||||||
goto finish;
|
goto finish;
|
||||||
|
@ -647,7 +647,7 @@ int ask_password_agent(
|
||||||
l = strv_new("", NULL);
|
l = strv_new("", NULL);
|
||||||
else
|
else
|
||||||
l = strv_parse_nulstr(passphrase+1, n-1);
|
l = strv_parse_nulstr(passphrase+1, n-1);
|
||||||
memory_erase(passphrase, n);
|
explicit_bzero(passphrase, n);
|
||||||
if (!l) {
|
if (!l) {
|
||||||
r = -ENOMEM;
|
r = -ENOMEM;
|
||||||
goto finish;
|
goto finish;
|
||||||
|
|
|
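Review bot: In retrieve_key's retry loop, `explicit_bzero(p, n);` is reached only when `if (n < m) break;` was not taken, so n is at least m at that point. If p was allocated with m bytes and n is the full payload length reported by the key read (neither is visible in this hunk), the clear writes past the end of the buffer whenever the key is larger than the current guess. Bounding it to the allocation, `explicit_bzero(p, m);`, keeps the scrub inside the buffer before `free(p)`. In the next hunk the clear sits after `if (!l) return -ENOMEM;`, so that failure path returns without scrubbing p; moving `explicit_bzero(p, n);` above the check covers both outcomes. The function body starts and ends outside both hunks.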
@ -29,31 +29,20 @@ static void test_string_erase(void) {
|
||||||
assert_se(streq(string_erase(x), ""));
|
assert_se(streq(string_erase(x), ""));
|
||||||
|
|
||||||
x = strdupa("1");
|
x = strdupa("1");
|
||||||
assert_se(streq(string_erase(x), "x"));
|
assert_se(streq(string_erase(x), ""));
|
||||||
|
|
||||||
x = strdupa("12");
|
|
||||||
assert_se(streq(string_erase(x), "xx"));
|
|
||||||
|
|
||||||
x = strdupa("123");
|
|
||||||
assert_se(streq(string_erase(x), "xxx"));
|
|
||||||
|
|
||||||
x = strdupa("1234");
|
|
||||||
assert_se(streq(string_erase(x), "xxxx"));
|
|
||||||
|
|
||||||
x = strdupa("12345");
|
|
||||||
assert_se(streq(string_erase(x), "xxxxx"));
|
|
||||||
|
|
||||||
x = strdupa("123456");
|
|
||||||
assert_se(streq(string_erase(x), "xxxxxx"));
|
|
||||||
|
|
||||||
x = strdupa("1234567");
|
|
||||||
assert_se(streq(string_erase(x), "xxxxxxx"));
|
|
||||||
|
|
||||||
x = strdupa("12345678");
|
|
||||||
assert_se(streq(string_erase(x), "xxxxxxxx"));
|
|
||||||
|
|
||||||
x = strdupa("123456789");
|
x = strdupa("123456789");
|
||||||
assert_se(streq(string_erase(x), "xxxxxxxxx"));
|
assert_se(streq(string_erase(x), ""));
|
||||||
|
|
||||||
|
assert_se(x[1] == '\0');
|
||||||
|
assert_se(x[2] == '\0');
|
||||||
|
assert_se(x[3] == '\0');
|
||||||
|
assert_se(x[4] == '\0');
|
||||||
|
assert_se(x[5] == '\0');
|
||||||
|
assert_se(x[6] == '\0');
|
||||||
|
assert_se(x[7] == '\0');
|
||||||
|
assert_se(x[8] == '\0');
|
||||||
|
assert_se(x[9] == '\0');
|
||||||
}
|
}
|
||||||
|
|
||||||
static void test_ascii_strcasecmp_n(void) {
|
static void test_ascii_strcasecmp_n(void) {
|
||||||
|
|
|
@ -243,7 +243,7 @@ static int ask_password_plymouth(
|
||||||
r = 0;
|
r = 0;
|
||||||
|
|
||||||
finish:
|
finish:
|
||||||
memory_erase(buffer, sizeof(buffer));
|
explicit_bzero(buffer, sizeof(buffer));
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -283,7 +283,7 @@ static int send_passwords(const char *socket_name, char **passwords) {
|
||||||
r = log_debug_errno(errno, "sendto(): %m");
|
r = log_debug_errno(errno, "sendto(): %m");
|
||||||
|
|
||||||
finish:
|
finish:
|
||||||
memory_erase(packet, packet_length);
|
explicit_bzero(packet, packet_length);
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|