GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 00:37:00 +08:00
Code Issues Packages Projects Releases Wiki Activity

Use a static buffer to read the password file entries from.

Browse Source 
That allows easier overwrite of the parameters read.
This commit is contained in:
Nikos Mavrogiannopoulos
2014-05-10 13:43:09 +02:00
parent 93db512921
commit 127fd35d2e
2 changed files with 21 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/common.h
View File

@@ -59,5 +59,20 @@ int recv_socket_msg(void *pool, int fd, uint8_t cmd,
const char* cmd_request_to_str(unsigned cmd);
inline static
void safe_memset(void *data, int c, size_t size)
{
volatile unsigned volatile_zero = 0;
volatile char *vdata = (volatile char*)data;
/* This is based on a nice trick for safe memset,
* sent by David Jacobson in the openssl-dev mailing list.
*/
do {
memset(data, c, size);
} while(vdata[volatile_zero] != c);
}
#endif

10
src/plain.c
View File

@@ -47,8 +47,7 @@ static int read_auth_pass(struct plain_ctx_st *pctx)
{
unsigned groupname_size;
FILE *fp;
char *line = NULL;
size_t len;
char line[512];
ssize_t ll;
char *p, *sp;
int ret;
@@ -61,7 +60,10 @@ static int read_auth_pass(struct plain_ctx_st *pctx)
return -1;
}
while ((ll = getline(&line, &len, fp)) > 0) {
line[sizeof(line)-1] = 0;
while ((p=fgets(line, sizeof(line)-1, fp)) != NULL) {
ll = strlen(p);
if (ll <= 4)
continue;
@@ -100,8 +102,8 @@ static int read_auth_pass(struct plain_ctx_st *pctx)
/* always succeed */
ret = 0;
exit:
safe_memset(line, 0, sizeof(line));
fclose(fp);
free(line); /* no talloc_free, as it is provided by getline */
return ret;
}