[Fedora-directory-commits] adminutil/lib/libadmsslutil admsslutil.c, 1.10, 1.11 psetcssl.c, 1.4, 1.5 srvutilssl.c, 1.7, 1.8 uginfossl.c, 1.3, 1.4

Noriko Hosoi nhosoi at fedoraproject.org
Wed Jan 28 00:01:12 UTC 2009


Author: nhosoi

Update of /cvs/dirsec/adminutil/lib/libadmsslutil
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv32529/lib/libadmsslutil

Modified Files:
	admsslutil.c psetcssl.c srvutilssl.c uginfossl.c 
Log Message:
Resolves: #191834
Summary: Clean up admin password in memory when it's freed
Description: (comment #5)
1) overwrote password string with '\0's.
2) psetCreate (psetc.c), psetCreateSSL (psetcssl.c)
Both has the similar code "passwd = bindPasswd; /* not to free bindPasswd */". 
According to the comment, by setting bindPasswd to passwd, bindPasswd is not
supposed to be freed.  But the current location does not stop it's being freed
since at that point bindPasswd is NULL and NULL is set to passwd.  (Probably,
the path is not usually taken.)



Index: admsslutil.c
===================================================================
RCS file: /cvs/dirsec/adminutil/lib/libadmsslutil/admsslutil.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- admsslutil.c	3 Dec 2008 18:36:50 -0000	1.10
+++ admsslutil.c	28 Jan 2009 00:01:10 -0000	1.11
@@ -96,6 +96,7 @@
       char *dn = admldapGetSIEDN(info);
       ldapError = ldap_simple_bind_s(ld, dn, passwd);
       PL_strfree(dn);
+      memset(passwd, '\0', strlen(passwd));
       PL_strfree(passwd);
   } else {
       /* no password means just punt rather than do anon bind */


Index: psetcssl.c
===================================================================
RCS file: /cvs/dirsec/adminutil/lib/libadmsslutil/psetcssl.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- psetcssl.c	8 May 2007 19:13:26 -0000	1.4
+++ psetcssl.c	28 Jan 2009 00:01:10 -0000	1.5
@@ -205,11 +205,11 @@
   userDN = admldapGetUserDN(ldapInfo, user);
   if (passwd) {
     bindPasswd = passwd;
-  } else {
-    bindPasswd = admldapGetSIEPWD(ldapInfo);
+  } else { /* passwd is NULL */
+    bindPasswd = admldapGetSIEPWD(ldapInfo); /* duplicated; need to free */
     if (!bindPasswd) {
+      ADM_GetCurrentPassword(errorcode, &bindPasswd); /* should not free */
       passwd = bindPasswd; /* not to free bindPasswd */
-      ADM_GetCurrentPassword(errorcode, &bindPasswd);
     }
   }
 
@@ -228,7 +228,12 @@
   PR_Free(ldapHost);
   PR_Free(sieDN);
   PR_smprintf_free(path);
-  if (!passwd) { if (bindPasswd) PR_Free(bindPasswd); }
+  if (!passwd) {
+    if (bindPasswd) {
+      memset(bindPasswd, '\0', strlen(bindPasswd));
+      PR_Free(bindPasswd);
+    }
+  }
   return pset;
 }
 


Index: srvutilssl.c
===================================================================
RCS file: /cvs/dirsec/adminutil/lib/libadmsslutil/srvutilssl.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- srvutilssl.c	3 Dec 2008 18:36:50 -0000	1.7
+++ srvutilssl.c	28 Jan 2009 00:01:10 -0000	1.8
@@ -75,8 +75,11 @@
 
   PR_Free(host);
   host = NULL;
-  PR_Free(siepwd);
-  siepwd = NULL;
+  if (siepwd) {
+    memset(siepwd, '\0', strlen(siepwd));
+    PR_Free(siepwd);
+    siepwd = NULL;
+  }
   if (!domainPset) goto err;
 
   nl = retrieveSIEs(domainPset, domainDN, adminName);
@@ -132,8 +135,11 @@
   host = NULL;
   PR_Free(siedn);
   siedn = NULL;
-  PR_Free(siepwd);
-  siepwd = NULL;
+  if (siepwd) {
+    memset(siepwd, '\0', strlen(siepwd));
+    PR_Free(siepwd);
+    siepwd = NULL;
+  }
   if (!domainPset) goto err;
   resultList = retrieveISIEs(domainPset, domainDN);
   psetDelete(domainPset);


Index: uginfossl.c
===================================================================
RCS file: /cvs/dirsec/adminutil/lib/libadmsslutil/uginfossl.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- uginfossl.c	4 Apr 2007 19:37:47 -0000	1.3
+++ uginfossl.c	28 Jan 2009 00:01:10 -0000	1.4
@@ -103,7 +103,10 @@
     *error_code = ADMUTIL_LDAP_ERR;
     destroyAdmldap(ldapInfo);
     PL_strfree(binddn);
-    PL_strfree(bindpw);
+    if (bindpw) {
+      memset(bindpw, 0, strlen(bindpw));
+      PL_strfree(bindpw);
+    }
     return NULL;
   }
 
@@ -111,7 +114,11 @@
                                  binddn,
                                  bindpw);
   PL_strfree(binddn);
-  PL_strfree(bindpw);
+  if (bindpw) {
+    memset(bindpw, 0, strlen(bindpw));
+    PL_strfree(bindpw);
+    bindpw = NULL;
+  }
 
   /* authenticate to LDAP server*/
   if (ldapError  != LDAP_SUCCESS) {




More information about the Fedora-directory-commits mailing list