[SCM] Samba Shared Repository - branch master updated
Andreas Schneider
asn at samba.org
Tue Oct 16 09:39:02 UTC 2018
The branch, master has been updated
via 9291a33 s3:lib:popt: Use memset_s() to burn password string
via 84615c1 replace: Add memset_s() if not available
from 2fc855e7 samba-tool drs showrepl: do not crash if no dnsHostName found
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 9291a3330a1e0876b73182b4e5e44e7d6d450b55
Author: Andreas Schneider <asn at samba.org>
Date: Wed Oct 10 16:09:32 2018 +0200
s3:lib:popt: Use memset_s() to burn password string
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Tue Oct 16 11:38:40 CEST 2018 on sn-devel-144
commit 84615c19826895ab57e40ab2b2cdfdc625376097
Author: Andreas Schneider <asn at samba.org>
Date: Wed Oct 10 16:05:46 2018 +0200
replace: Add memset_s() if not available
See https://en.cppreference.com/w/c/string/byte/memset
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
-----------------------------------------------------------------------
Summary of changes:
lib/replace/replace.c | 31 +++++++++++++++++++++++++++++++
lib/replace/replace.h | 8 ++++++++
lib/replace/wscript | 17 +++++++++++++++++
source3/lib/popt_common_cmdline.c | 2 +-
4 files changed, 57 insertions(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/lib/replace/replace.c b/lib/replace/replace.c
index dc81e9c..113137c 100644
--- a/lib/replace/replace.c
+++ b/lib/replace/replace.c
@@ -947,3 +947,34 @@ void rep_setproctitle_init(int argc, char *argv[], char *envp[])
{
}
#endif
+
+#ifndef HAVE_MEMSET_S
+# ifndef RSIZE_MAX
+# define RSIZE_MAX (SIZE_MAX >> 1)
+# endif
+
+int rep_memset_s(void *dest, size_t destsz, int ch, size_t count)
+{
+ if (dest == NULL) {
+ return EINVAL;
+ }
+
+ if (destsz > RSIZE_MAX ||
+ count > RSIZE_MAX ||
+ count > destsz) {
+ return ERANGE;
+ }
+
+#if defined(HAVE_MEMSET_EXPLICIT)
+ memset_explicit(dest, destsz, ch, count);
+#else /* HAVE_MEMSET_EXPLICIT */
+ memset(dest, ch, count);
+# if defined(HAVE_GCC_VOLATILE_MEMORY_PROTECTION)
+ /* See http://llvm.org/bugs/show_bug.cgi?id=15495 */
+ __asm__ volatile("" : : "g"(dest) : "memory");
+# endif /* HAVE_GCC_VOLATILE_MEMORY_PROTECTION */
+#endif /* HAVE_MEMSET_EXPLICIT */
+
+ return 0;
+}
+#endif /* HAVE_MEMSET_S */
diff --git a/lib/replace/replace.h b/lib/replace/replace.h
index 626d305..de4e20c 100644
--- a/lib/replace/replace.h
+++ b/lib/replace/replace.h
@@ -36,6 +36,9 @@
#include <standards.h>
#endif
+/* Needs to be defined before std*.h and string*.h are included */
+#define __STDC_WANT_LIB_EXT1__ 1
+
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
@@ -925,6 +928,11 @@ void rep_setproctitle(const char *fmt, ...) PRINTF_ATTRIBUTE(1, 2);
void rep_setproctitle_init(int argc, char *argv[], char *envp[]);
#endif
+#ifndef HAVE_MEMSET_S
+#define memset_s rep_memset_s
+int rep_memset_s(void *dest, size_t destsz, int ch, size_t count);
+#endif
+
#ifndef FALL_THROUGH
# ifdef HAVE_FALLTHROUGH_ATTRIBUTE
# define FALL_THROUGH __attribute__ ((fallthrough))
diff --git a/lib/replace/wscript b/lib/replace/wscript
index 8e28734..8adfffe 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -195,6 +195,23 @@ def configure(conf):
'socket nsl', checklibc=True,
headers='sys/socket.h netinet/in.h arpa/inet.h netdb.h')
+ conf.CHECK_FUNCS('memset_s memset_explicit')
+
+ conf.CHECK_CODE('''
+ #include <string.h>
+
+ int main(void)
+ {
+ char buf[] = "This is some content";
+ memset(buf, '\0', sizeof(buf)); __asm__ volatile("" : : "g"(&buf) : "memory");
+ return 0;
+ }
+ ''',
+ define='HAVE_GCC_VOLATILE_MEMORY_PROTECTION',
+ addmain=False,
+ msg='Checking for volatile memory protection',
+ local_include=False)
+
# Some old Linux systems have broken header files and
# miss the IPV6_V6ONLY define in netinet/in.h,
# but have it in linux/in6.h.
diff --git a/source3/lib/popt_common_cmdline.c b/source3/lib/popt_common_cmdline.c
index fe23f84..9712342 100644
--- a/source3/lib/popt_common_cmdline.c
+++ b/source3/lib/popt_common_cmdline.c
@@ -217,7 +217,7 @@ void popt_burn_cmdline_password(int argc, char *argv[])
p = strchr_m(p, '%');
if (p != NULL) {
- memset(p, '\0', strlen(p));
+ memset_s(p, strlen(p), '\0', strlen(p));
}
found = false;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list