Add a zero_bytes() function to do the equivalent of bzero in such a
way that will heopfully not be optimized away by sneaky compilers.
This commit is contained in:
Todd C. Miller
@@ -74,7 +74,7 @@ aixauth_verify(pw, prompt, auth)
|
|||||||
char *prompt;
|
char *prompt;
|
||||||
sudo_auth *auth;
|
sudo_auth *auth;
|
||||||
{
|
{
|
||||||
volatile char *pass;
|
char *pass;
|
||||||
char *message;
|
char *message;
|
||||||
int reenter = 1;
|
int reenter = 1;
|
||||||
int rval = AUTH_FAILURE;
|
int rval = AUTH_FAILURE;
|
||||||
@@ -83,7 +83,7 @@ aixauth_verify(pw, prompt, auth)
|
|||||||
if (pass) {
|
if (pass) {
|
||||||
if (authenticate(pw->pw_name, (char *)pass, &reenter, &message) == 0)
|
if (authenticate(pw->pw_name, (char *)pass, &reenter, &message) == 0)
|
||||||
rval = AUTH_SUCCESS;
|
rval = AUTH_SUCCESS;
|
||||||
memset(pass, 0, strlen(pass));
|
zero_bytes(pass, strlen(pass));
|
||||||
}
|
}
|
||||||
return(rval);
|
return(rval);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -116,7 +116,7 @@ bsdauth_verify(pw, prompt, auth)
|
|||||||
char *prompt;
|
char *prompt;
|
||||||
sudo_auth *auth;
|
sudo_auth *auth;
|
||||||
{
|
{
|
||||||
volatile char *pass;
|
char *pass;
|
||||||
char *s;
|
char *s;
|
||||||
size_t len;
|
size_t len;
|
||||||
int authok = 0;
|
int authok = 0;
|
||||||
@@ -165,7 +165,7 @@ bsdauth_verify(pw, prompt, auth)
|
|||||||
|
|
||||||
if (pass) {
|
if (pass) {
|
||||||
authok = auth_userresponse(as, (char *)pass, 1);
|
authok = auth_userresponse(as, (char *)pass, 1);
|
||||||
memset(pass, 0, strlen(pass));
|
zero_bytes(pass, strlen(pass));
|
||||||
}
|
}
|
||||||
|
|
||||||
/* restore old signal handler */
|
/* restore old signal handler */
|
||||||
|
|||||||
@@ -114,8 +114,8 @@ fwtk_verify(pw, prompt, auth)
|
|||||||
char *prompt;
|
char *prompt;
|
||||||
sudo_auth *auth;
|
sudo_auth *auth;
|
||||||
{
|
{
|
||||||
volatile char *pass; /* Password from the user */
|
char *pass; /* Password from the user */
|
||||||
volatile char buf[SUDO_PASS_MAX + 12]; /* General prupose buffer */
|
char buf[SUDO_PASS_MAX + 12]; /* General prupose buffer */
|
||||||
char resp[128]; /* Response from the server */
|
char resp[128]; /* Response from the server */
|
||||||
int error;
|
int error;
|
||||||
extern int nil_pw;
|
extern int nil_pw;
|
||||||
@@ -166,8 +166,8 @@ fwtk_verify(pw, prompt, auth)
|
|||||||
warnx("%s", resp);
|
warnx("%s", resp);
|
||||||
error = AUTH_FAILURE;
|
error = AUTH_FAILURE;
|
||||||
done:
|
done:
|
||||||
memset(pass, 0, strlen(pass));
|
zero_bytes(pass, strlen(pass));
|
||||||
memset(buf, 0, strlen(buf));
|
zero_bytes(buf, strlen(buf));
|
||||||
return(error);
|
return(error);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
13
auth/pam.c
13
auth/pam.c
@@ -190,16 +190,16 @@ sudo_conv(num_msg, msg, response, appdata_ptr)
|
|||||||
struct pam_response **response;
|
struct pam_response **response;
|
||||||
VOID *appdata_ptr;
|
VOID *appdata_ptr;
|
||||||
{
|
{
|
||||||
volatile struct pam_response *pr;
|
struct pam_response *pr;
|
||||||
PAM_CONST struct pam_message *pm;
|
PAM_CONST struct pam_message *pm;
|
||||||
const char *p = def_prompt;
|
const char *p = def_prompt;
|
||||||
volatile char *pass;
|
char *pass;
|
||||||
int n, flags;
|
int n, flags;
|
||||||
extern int nil_pw;
|
extern int nil_pw;
|
||||||
|
|
||||||
if ((*response = malloc(num_msg * sizeof(struct pam_response))) == NULL)
|
if ((*response = malloc(num_msg * sizeof(struct pam_response))) == NULL)
|
||||||
return(PAM_CONV_ERR);
|
return(PAM_CONV_ERR);
|
||||||
(void) memset(*response, 0, num_msg * sizeof(struct pam_response));
|
zero_bytes(*response, num_msg * sizeof(struct pam_response));
|
||||||
|
|
||||||
for (pr = *response, pm = *msg, n = num_msg; n--; pr++, pm++) {
|
for (pr = *response, pm = *msg, n = num_msg; n--; pr++, pm++) {
|
||||||
flags = tgetpass_flags;
|
flags = tgetpass_flags;
|
||||||
@@ -217,7 +217,7 @@ sudo_conv(num_msg, msg, response, appdata_ptr)
|
|||||||
if (*pr->resp == '\0')
|
if (*pr->resp == '\0')
|
||||||
nil_pw = 1; /* empty password */
|
nil_pw = 1; /* empty password */
|
||||||
else
|
else
|
||||||
memset(pass, 0, strlen(pass));
|
zero_bytes(pass, strlen(pass));
|
||||||
break;
|
break;
|
||||||
case PAM_TEXT_INFO:
|
case PAM_TEXT_INFO:
|
||||||
if (pm->msg)
|
if (pm->msg)
|
||||||
@@ -233,13 +233,12 @@ sudo_conv(num_msg, msg, response, appdata_ptr)
|
|||||||
/* Zero and free allocated memory and return an error. */
|
/* Zero and free allocated memory and return an error. */
|
||||||
for (pr = *response, n = num_msg; n--; pr++) {
|
for (pr = *response, n = num_msg; n--; pr++) {
|
||||||
if (pr->resp != NULL) {
|
if (pr->resp != NULL) {
|
||||||
(void) memset(pr->resp, 0, strlen(pr->resp));
|
zero_bytes(pr->resp, strlen(pr->resp));
|
||||||
free(pr->resp);
|
free(pr->resp);
|
||||||
pr->resp = NULL;
|
pr->resp = NULL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
(void) memset(*response, 0,
|
zero_bytes(*response, num_msg * sizeof(struct pam_response));
|
||||||
num_msg * sizeof(struct pam_response));
|
|
||||||
free(*response);
|
free(*response);
|
||||||
*response = NULL;
|
*response = NULL;
|
||||||
return(PAM_CONV_ERR);
|
return(PAM_CONV_ERR);
|
||||||
|
|||||||
@@ -117,7 +117,7 @@ verify_user(pw, prompt)
|
|||||||
int success = AUTH_FAILURE;
|
int success = AUTH_FAILURE;
|
||||||
int status;
|
int status;
|
||||||
int flags;
|
int flags;
|
||||||
volatile char *p;
|
char *p;
|
||||||
sudo_auth *auth;
|
sudo_auth *auth;
|
||||||
sigaction_t sa, osa;
|
sigaction_t sa, osa;
|
||||||
|
|
||||||
@@ -202,7 +202,7 @@ verify_user(pw, prompt)
|
|||||||
}
|
}
|
||||||
#ifndef AUTH_STANDALONE
|
#ifndef AUTH_STANDALONE
|
||||||
if (p)
|
if (p)
|
||||||
(void) memset(p, 0, strlen(p));
|
zero_bytes(p, strlen(p));
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Exit loop on nil password, but give it a chance to match first. */
|
/* Exit loop on nil password, but give it a chance to match first. */
|
||||||
|
|||||||
Reference in New Issue
Block a user