author | David Sommerseth <dazo@users.sourceforge.net> | 2009-10-06 17:54:59 +0200 |
committer | David Sommerseth <dazo@users.sourceforge.net> | 2009-10-06 17:54:59 +0200 |
commit | 3a2290433a654a8b5f07a1db1f8142ec01ca57a7 (patch) | |
tree | cb7126cc4acb9fc4ed7da6f9504b293aafb353d4 | |
parent | 08cbabbfb79d8e618c2fd0c9e0398d8ffee4a6c3 (diff) | |
download | eurephia-3a2290433a654a8b5f07a1db1f8142ec01ca57a7.tar.gz eurephia-3a2290433a654a8b5f07a1db1f8142ec01ca57a7.tar.xz eurephia-3a2290433a654a8b5f07a1db1f8142ec01ca57a7.zip |
Fixed memory leak in the firewall implementation and added mlock() usage
The memory leak was caused by not freeing the shadow context the firewall
child process uses for logging. In addition this child process had a
connection to the database open as well, which was not needed. This
connection is now disconnected immediately after the child process has
started.
Also added usage of mlock() to protect sensitive information from being
swapped out to disk.
-rw-r--r-- | plugin/eurephia.c | 17 | ||||
-rw-r--r-- | plugin/firewall/eurephiafw.c | 9 |
2 files changed, 25 insertions, 1 deletions
diff --git a/plugin/eurephia.c b/plugin/eurephia.c
index f86b6cb..544e0ec 100644
--- a/plugin/eurephia.c
+++ b/plugin/eurephia.c
@@ -32,9 +32,11 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <stdarg.h>
+#include <sys/mman.h>
 #include <string.h>
 #include <getopt.h>
 #include <assert.h>
+#include <errno.h>
 #define EUREPHIA_FWINTF /**< Include the proper eurephiaFWINTF declaration in eurephiaCTX */
 #include <eurephiafw_struct.h>
@@ -126,6 +128,10 @@ eurephiaCTX *eurephiaInit(const char **argv)
 // Prepare a context area for eurephia-auth
 ctx = (eurephiaCTX *) malloc_nullsafe(NULL, sizeof(eurephiaCTX)+2);
 assert( ctx != NULL );
+ if( mlock(ctx, sizeof(eurephiaCTX)+2) < 0 ) {
+ eurephia_log(ctx, LOG_CRITICAL, 0, "Could not mlock() eurephia context: %s",
+ strerror(errno));
+ };
 ctx->context_type = ECTX_PLUGIN_AUTH;
 // Open a log file
@@ -161,6 +167,10 @@ eurephiaCTX *eurephiaInit(const char **argv)
 // Get data for server_salt - which will be used for the password cache
 ctx->server_salt = (char *) malloc_nullsafe(ctx, SIZE_PWDCACHE_SALT+2);
 assert( ctx->server_salt != NULL );
+ if( mlock(ctx->server_salt, SIZE_PWDCACHE_SALT+2) < 0 ) {
+ eurephia_log(ctx, LOG_CRITICAL, 0, "Could not mlock() eurephia server salt: %s",
+ strerror(errno));
+ }
 if( !eurephia_randstring(ctx, ctx->server_salt, SIZE_PWDCACHE_SALT) ) {
 eurephia_log(ctx, LOG_PANIC, 0 ,
@@ -224,7 +234,9 @@ int eurephiaShutdown(eurephiaCTX *ctx)
 eurephia_log_close(ctx);
 memset(ctx->server_salt, 0xff, SIZE_PWDCACHE_SALT+2);
+ munlock(ctx->server_salt, SIZE_PWDCACHE_SALT+2);
 free_nullsafe(ctx, ctx->server_salt);
+ munlock(ctx, sizeof(eurephiaCTX)+2);
 free_nullsafe(ctx, ctx);
 return 1;
 }
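Review bot: `eurephia_log(ctx, …)` in the new mlock() failure branch of the `@@ -126` hunk runs before the context is usable — `ctx->context_type` is assigned on the next line and the log file is only opened further down (`// Open a log file`), so the report goes through a context whose log stream is presumably not initialised yet; unless eurephia_log() falls back to stderr for a zero-filled context (malloc_nullsafe may zero the block — can't tell from here), the message is lost or dereferences uninitialised state. Moving the `mlock()` call, or at least its `eurephia_log()` report, below the log-file setup avoids that. The same block closes with `};` — the stray semicolon is an empty statement, and the `@@ -161` hunk writes `}`; the two sites should match. Both sites only log the failure and continue with swappable memory (mlock() fails with EPERM or ENOMEM when RLIMIT_MEMLOCK is exhausted), so a comment such as `// best effort: on failure the context stays swappable` would make that intentional rather than accidental. eurephiaInit() starts and ends outside the hunk.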
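Review bot: The wipe that precedes the new `munlock()` of the salt in the `@@ -224` hunk is a plain `memset()` on a buffer freed on the next line, and compilers may eliminate such a dead store, so the salt can survive in the freed (and now unlocked) page; a volatile-qualified byte loop, or explicit_bzero()/memset_s() where the platform provides them, keeps the wipe in place. The order memset → munlock → free is otherwise the right one, since the page is cleared while it is still locked. `ctx` itself is unlocked and freed without being cleared, which is inconsistent with the salt handling if the context holds other secrets; clearing it before `free_nullsafe(ctx, ctx)` is only safe if that helper does not read the context it is handed — can't tell from here. eurephiaShutdown() begins outside the hunk.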
@@ -375,8 +387,11 @@ int eurephia_userauth(eurephiaCTX *ctx, const char **env)
 // Do username/password/certificate authentication
 passwd = GETENV_PASSWORD(ctx, env);
+ mlock(passwd, strlen_nullsafe(passwd));
 if( (passwd == NULL) || (strlen_nullsafe(passwd) == 0) ) {
 eurephia_log(ctx, LOG_WARNING, 0, "eurephia-auth: No password received. Action aborted");
+ memset(passwd, 0, strlen_nullsafe(passwd));
+ munlock(passwd, strlen_nullsafe(passwd));
 free_nullsafe(ctx, passwd);
 free_nullsafe(ctx, tls_id);
 free_nullsafe(ctx, username);
@@ -435,6 +450,8 @@ int eurephia_userauth(eurephiaCTX *ctx, const char **env)
 }
 exit:
+ memset(passwd, 0, strlen_nullsafe(passwd));
+ munlock(passwd, strlen_nullsafe(passwd));
 eDBfree_session(ctx, authsess);
 free_nullsafe(ctx, remport);
 free_nullsafe(ctx, cname);
diff --git a/plugin/firewall/eurephiafw.c b/plugin/firewall/eurephiafw.c
index deec3db..471e6e8 100644
--- a/plugin/firewall/eurephiafw.c
+++ b/plugin/firewall/eurephiafw.c
@@ -145,6 +145,10 @@ void eFW_StartFirewall(eurephiaCTX *ctx) {
 // Create a fake eurephia context, just for logging
 shadowctx = (eurephiaCTX *) malloc_nullsafe(ctx, sizeof(eurephiaCTX)+2);
 assert( shadowctx != NULL );
+ if( mlock(shadowctx, sizeof(eurephiaCTX)+2) < 0 ) {
+ eurephia_log(ctx, LOG_CRITICAL, 0, "Could not mlock() firewall context: %s",
+ strerror(errno));
+ };
 shadowctx->context_type = ECTX_NO_PRIVILEGES;
 shadowctx->log = ctx->log;
 (*ctx->fwcfg).thrdata.ctx = shadowctx;
@@ -214,6 +218,7 @@ void eFW_StartFirewall(eurephiaCTX *ctx) {
 }
 switch( ctx->fwcfg->fwproc_pid ) {
 case 0: // Child process
+ eDBdisconnect(ctx);
 eFW_RunFirewall(&(*ctx->fwcfg).thrdata);
 exit(-1); // If our child process exits abnormally.
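Review bot: In the abort branch of the `@@ -375` hunk the added `memset()`/`munlock()` pair operates on a `passwd` that, by the condition on the `if` line, is either NULL or empty, so the wipe is at best zero-length and, when passwd is NULL (assuming strlen_nullsafe() returns 0 for NULL, as its name suggests), passes a null pointer to memset() — undefined behaviour per C11 7.24.1 even with n == 0; the `mlock(passwd, …)` two lines earlier is likewise issued before the NULL check. Dropping those two lines from the abort branch and moving the `mlock()` call below the check removes both problems, leaving the `exit:` cleanup in the `@@ -435` hunk as the one that matters. The `mlock()` result is also not checked here, unlike the context and salt sites in eurephiaInit(). On Linux, mlock()/munlock() act on whole pages and do not stack, so `munlock(passwd, …)` also unlocks any other small heap object sharing that page (possibly the context or the server salt) — worth a comment, or dedicated page-aligned buffers for the locked data. eurephia_userauth() starts and ends outside the hunk.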
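Review bot: The new `mlock()` on `shadowctx` in the `@@ -145` hunk protects only the parent's copy — memory locks are not inherited across fork(2), and the `@@ -214` hunk shows the forked child is the process that uses `thrdata.ctx` (through eFW_RunFirewall()), so the shadow context the child logs with stays swappable. If the lock is meant for the child, repeat `mlock()` at the top of the `case 0:` branch or inside eFW_RunFirewall(); otherwise a comment such as `// locked in the parent only; the forked child does not inherit the lock` would state the limitation. As in eurephiaInit(), the block closes with `};` — drop the stray semicolon. eFW_StartFirewall() continues outside the hunk.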
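Review bot: `eDBdisconnect(ctx)` in the `case 0:` branch of the `@@ -214` hunk runs against a database handle inherited from the parent, and whether that is harmless depends on the driver: an in-process or file-based backend just releases local resources, but a socket-based backend whose disconnect sends a protocol-level close over the shared descriptor would tear down the parent's session as well — verify which case eDBdisconnect() is, as it is not visible here. A comment stating the intent, e.g. `// the child only logs; drop the inherited DB handle without affecting the parent`, would help the next reader. The pre-existing `exit(-1)` that follows runs atexit handlers and may flush stdio buffers inherited from the parent a second time; `_exit()` is the usual choice in a forked child. eFW_StartFirewall() starts and ends outside the hunk.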
@@ -252,7 +257,7 @@ void eFW_StartFirewall(eurephiaCTX *ctx) {
 sem_wait(ctx->fwcfg->thrdata.semp_worker);
 eurephia_log(ctx, LOG_INFO, 2, "eFW interface initialised.");
- // Initialise the chain
+ // Initialise the chain
 memset(&buf, 0, 1026);
 snprintf(buf, 1024, "I %s", fwdest);
 if( mq_send((*ctx->fwcfg).thrdata.msgq, buf, strlen(buf)+1, 1) == -1 ) {
@@ -348,6 +353,8 @@ void eFW_StopFirewall(eurephiaCTX *ctx) {
 sem_post(ctx->fwcfg->thrdata.semp_master);
 // Clean up and exit
+ munlock(ctx->fwcfg->thrdata.ctx, sizeof(eurephiaCTX)+2);
+ free_nullsafe(ctx, ctx->fwcfg->thrdata.ctx);
 free_nullsafe(ctx, ctx->fwcfg->fwblacklist_sendto);
 eFree_values(ctx, ctx->fwcfg->blacklisted);
 free_nullsafe(ctx, (*ctx->fwcfg).thrdata.fw_command);
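Review bot: After the new `free_nullsafe(ctx, ctx->fwcfg->thrdata.ctx)` in the `@@ -348` hunk the freed pointer stays stored in `thrdata.ctx`, which lives in `ctx->fwcfg` and outlives this call, so any later access (a second eFW_StopFirewall(), or a log call routed through the shadow context) is a use-after-free; add `ctx->fwcfg->thrdata.ctx = NULL;` right after the free, unless free_nullsafe() is a macro that already clears its argument — can't tell from here. The preceding `munlock()` matches what eurephiaShutdown() does for the main context, but it unlocks the whole page holding the shadow context, which may also hold other locked objects. eFW_StopFirewall() begins outside the hunk.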