[dovecot-cvs] dovecot/src/auth auth-plain.c,1.3,1.4 login-connection.c,1.6,1.7
cras at procontrol.fi
cras at procontrol.fi
Wed Nov 6 08:01:00 EET 2002
Update of /home/cvs/dovecot/src/auth
In directory danu:/tmp/cvs-serv19503
Modified Files:
auth-plain.c login-connection.c
Log Message:
Plaintext passwords weren't cleared from memory after use.
Index: auth-plain.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/auth-plain.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- auth-plain.c 8 Sep 2002 14:39:05 -0000 1.3
+++ auth-plain.c 6 Nov 2002 06:00:58 -0000 1.4
@@ -12,8 +12,9 @@
{
AuthCookieReplyData *cookie_reply = cookie->context;
AuthReplyData reply;
- const char *user, *pass;
- size_t i, count;
+ const char *user;
+ char *pass;
+ size_t i, count, len;
/* initialize reply */
memset(&reply, 0, sizeof(reply));
@@ -26,13 +27,16 @@
pass = NULL;
count = 0;
for (i = 0; i < request->data_size; i++) {
- if (data[i] == '\0') {
- if (++count == 2) {
- pass = i+1 == request->data_size ? "" :
- t_strndup((const char *) data + i + 1,
- request->data_size - i - 1);
- break;
+ if (data[i] == '\0' && ++count == 2) {
+ if (i+1 == request->data_size)
+ pass = "";
+ else {
+ len = request->data_size - (i+1);
+ pass = t_malloc(len+1);
+ memcpy(pass, (const char *) data + (i+1), len);
+ pass[len] = '\0';
}
+ break;
}
}
@@ -40,6 +44,11 @@
if (userinfo->verify_plain(user, pass, cookie_reply)) {
cookie_reply->success = TRUE;
reply.result = AUTH_RESULT_SUCCESS;
+ }
+
+ if (*pass != '\0') {
+ /* make sure it's cleared */
+ memset(pass, 0, strlen(pass));
}
}
Index: login-connection.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/login-connection.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- login-connection.c 28 Oct 2002 04:18:26 -0000 1.6
+++ login-connection.c 6 Nov 2002 06:00:58 -0000 1.7
@@ -47,7 +47,7 @@
IO io __attr_unused__)
{
LoginConnection *conn = context;
- const unsigned char *data;
+ unsigned char *data;
size_t size;
switch (i_buffer_read(conn->inbuf)) {
@@ -65,7 +65,7 @@
return;
}
- data = i_buffer_get_data(conn->inbuf, &size);
+ data = i_buffer_get_modifyable_data(conn->inbuf, &size);
if (size < sizeof(AuthRequestType))
return;
@@ -104,6 +104,9 @@
auth_continue_request(&request, data + sizeof(request),
request_callback, conn);
conn->type = AUTH_REQUEST_NONE;
+
+ /* clear any sensitive data from memory */
+ memset(data + sizeof(request), 0, request.data_size);
} else {
/* unknown request */
i_error("BUG: imap-login sent us unknown request %u",
More information about the dovecot-cvs
mailing list