[PATCH 1/2] s3fs-popt: Add function to burn the commandline password.
Scott Lovenberg
scott.lovenberg at gmail.com
Tue Nov 6 17:41:27 MST 2012
On Tue, Nov 6, 2012 at 3:27 AM, Andreas Schneider <asn at samba.org> wrote:
>
> Signed-off-by: Andreas Schneider <asn at samba.org>
> ---
> source3/include/popt_common.h | 1 +
> source3/lib/popt_common.c | 47 +++++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 48 insertions(+)
>
> diff --git a/source3/include/popt_common.h b/source3/include/popt_common.h
> index 2125ed6..5266f36 100644
> --- a/source3/include/popt_common.h
> +++ b/source3/include/popt_common.h
> @@ -49,5 +49,6 @@ extern const struct poptOption popt_common_dynconfig[];
> #define POPT_COMMON_OPTION { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_option, 0, "Common samba commandline config:", NULL },
>
> void popt_common_set_auth_info(struct user_auth_info *auth_info);
> +void popt_burn_cmdline_password(int argc, char *argv[]);
>
> #endif /* _POPT_COMMON_H */
> diff --git a/source3/lib/popt_common.c b/source3/lib/popt_common.c
> index 94e551d..c072839 100644
> --- a/source3/lib/popt_common.c
> +++ b/source3/lib/popt_common.c
> @@ -605,6 +605,53 @@ void popt_common_set_auth_info(struct user_auth_info *auth_info)
> global_auth_info = auth_info;
> }
>
> +/**
> + * @brief Burn the commandline password.
> + *
> + * This function removes the password from the command line so we
> + * don't leak the password e.g. in 'ps aux'.
> + *
> + * It should be called after processing the options and you should pass down
> + * argv from main().
> + *
> + * @param[in] argc The number of arguments.
> + *
> + * @param[in] argv[] The argument array we will find the array.
> + */
> +void popt_burn_cmdline_password(int argc, char *argv[])
> +{
> + bool found = false;
> + char *p = NULL;
> + int i, ulen = 0;
> +
> + for (i = 0; i < argc; i++) {
> + p = argv[i];
> + if (strncmp(p, "-U", 2) == 0) {
> + ulen = 2;
> + found = true;
> + } else if (strncmp(p, "--user", 6) == 0) {
> + ulen = 6;
> + found = true;
> + }
> +
> + if (found) {
> + if (p == NULL) {
> + return;
> + }
> +
> + if (strlen(p) == ulen) {
> + continue;
> + }
> +
> + p = strchr_m(p, '%');
> + if (p != NULL) {
> + memset(p, '\0', strlen(p));
> + }
> + found = false;
> + }
> + }
> +}
> +
> struct poptOption popt_common_credentials[] = {
> { NULL, 0, POPT_ARG_CALLBACK|POPT_CBFLAG_PRE,
> (void *)popt_common_credentials_callback, 0,
> --
> 1.8.0
>
>
memset(p, '\0', strlen(p)) doesn't work for multibyte characters.
Any chance you'll see them here? I'm just assuming since you used
strchr_m instead of strchr.
--
Peace and Blessings,
-Scott.
More information about the samba-technical
mailing list