[SCM] Samba Shared Repository - branch master updated

Jim McDonough jmcd at samba.org
Tue Mar 16 11:29:37 MDT 2010 

The branch, master has been updated
       via  f989410... Fix developer build, remove malloc
      from  2bdece1... kerberos - set the memory to "0"s before freeing the password to prevent security issues

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit f98941033ddbf79a18f24d81f44aba05366874fe
Author: Andreas Schneider <asn at redhat.com>
Date:   Tue Mar 16 13:27:00 2010 -0400

    Fix developer build, remove malloc

-----------------------------------------------------------------------

Summary of changes:
 source3/utils/smbta-util.c |   18 +++++++-----------
 1 files changed, 7 insertions(+), 11 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/utils/smbta-util.c b/source3/utils/smbta-util.c
index 8ce8fa5..8ce87b3 100644
--- a/source3/utils/smbta-util.c
+++ b/source3/utils/smbta-util.c
@@ -67,10 +67,9 @@ static void create_keyfile(char *filename, char *key)
  * Load a key from a file. The caller has to free the
  * returned string.
  */
-static char *load_key_from_file(char *filename)
+static void load_key_from_file(char *filename, char *key)
 {
 	FILE *keyfile;
-	char *key = malloc(sizeof(char) * 17);
 	int l;
 	keyfile = fopen(filename, "r");
 	if (keyfile == NULL) {
@@ -83,7 +82,6 @@ static char *load_key_from_file(char *filename)
 		fclose(keyfile);
 		exit(1);
 	}
-	return key;
 }
 
 static void create_file_from_key(char *filename)
@@ -102,9 +100,8 @@ static void create_file_from_key(char *filename)
  * Generate a random key. The user has to free the returned
  * string.
  */
-static char *generate_key()
+static void generate_key(char *key)
 {
-	char *key = malloc(sizeof(char)*17);
 	int f;
 	srand( (unsigned)time( NULL ) );
 	for ( f = 0; f < 16; f++) {
@@ -112,22 +109,22 @@ static char *generate_key()
 	}
 	*(key+16)='\0';
 	printf("Random key generated.\n");
-	return key;
 }
 
 static void create_new_key_and_activate( char *filename )
 {
+	char key[17] = {0};
+
 	if (!secrets_init()) {
 		printf("Error opening secrets database.");
 		exit(1);
 	}
 
-	char *key = generate_key();
+	generate_key(key);
 	delete_key();
 	secrets_store("smb_traffic_analyzer_key", key, strlen(key)+1 );
 	printf("Key installed, encryption activated.\n");
 	create_file_from_key(filename);
-	free(key);
 }
 
 static void delete_key()
@@ -146,10 +143,10 @@ static void delete_key()
 
 static void load_key_from_file_and_activate( char *filename)
 {
-	char *key;
+	char key[17] = {0};
 	char *akey;
 	size_t size;
-	key = load_key_from_file(filename);
+	load_key_from_file(filename, key);
 	printf("Loaded key from %s.\n",filename);
 	akey = (char *) secrets_fetch("smb_traffic_analyzer_key", &size);
 	if (akey != NULL) {
@@ -158,7 +155,6 @@ static void load_key_from_file_and_activate( char *filename)
 	}
 	printf("Installing the key from file %s\n",filename);
 	secrets_store("smb_traffic_analyzer_key", key, strlen(key)+1);
-	free(key);
 }
 
 static void process_arguments(int argc, char **argv)


-- 
Samba Shared Repository

More information about the samba-cvs mailing list