[PATCH] Zero some memory after use
Jeremy Allison
jra at samba.org
Wed Feb 27 00:28:36 UTC 2019
On Mon, Feb 25, 2019 at 04:35:37PM +0100, Andreas Schneider via samba-technical wrote:
> Hi,
>
> here are some small patches to zero sensitive memory after use.
>
>
> Review much appreciated.
LGTM. RB+ and pushed.
Jeremy.
>
>
> Andreas
>
> --
> Andreas Schneider asn at samba.org
> Samba Team www.samba.org
> GPG-ID: 8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D
> From fa613a2ffea9b1d54b6c02a5adbe95dcffaa121b Mon Sep 17 00:00:00 2001
> From: Andreas Schneider <asn at samba.org>
> Date: Thu, 11 Oct 2018 14:33:52 +0200
> Subject: [PATCH 1/3] libcli:smb: Zero sensitive memory after use
>
> Signed-off-by: Andreas Schneider <asn at samba.org>
> ---
> libcli/smb/smb2_signing.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c
> index 614a2b32dc0..18f5911ad5e 100644
> --- a/libcli/smb/smb2_signing.c
> +++ b/libcli/smb/smb2_signing.c
> @@ -76,6 +76,8 @@ NTSTATUS smb2_signing_sign_pdu(DATA_BLOB signing_key,
> vector[i].iov_len);
> }
> aes_cmac_128_final(&ctx, res);
> +
> + ZERO_ARRAY(key);
> } else {
> struct HMACSHA256Context m;
> uint8_t digest[SHA256_DIGEST_LENGTH];
> @@ -149,6 +151,8 @@ NTSTATUS smb2_signing_check_pdu(DATA_BLOB signing_key,
> vector[i].iov_len);
> }
> aes_cmac_128_final(&ctx, res);
> +
> + ZERO_ARRAY(key);
> } else {
> struct HMACSHA256Context m;
> uint8_t digest[SHA256_DIGEST_LENGTH];
> --
> 2.20.1
>
>
> From c5a3fc943283b579e2cb5cf415e4dca689e8a149 Mon Sep 17 00:00:00 2001
> From: Andreas Schneider <asn at samba.org>
> Date: Tue, 30 Oct 2018 17:08:35 +0100
> Subject: [PATCH 2/3] auth:gensec: Make sure we zero the checksum after use
>
> Signed-off-by: Andreas Schneider <asn at samba.org>
> ---
> auth/gensec/schannel.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/auth/gensec/schannel.c b/auth/gensec/schannel.c
> index 364a0fcc186..441801bac47 100644
> --- a/auth/gensec/schannel.c
> +++ b/auth/gensec/schannel.c
> @@ -347,6 +347,8 @@ static NTSTATUS netsec_incoming_packet(struct schannel_state *state,
>
> netsec_do_seq_num(state, checksum, checksum_length, seq_num);
>
> + ZERO_ARRAY(checksum);
> +
> ret = memcmp(seq_num, sig->data+8, 8);
> if (ret != 0) {
> dump_data_pw("calc seq num:", seq_num, 8);
> --
> 2.20.1
>
>
> From 832d68eca476709f34ce1275babf729eec23fd5b Mon Sep 17 00:00:00 2001
> From: Andreas Schneider <asn at samba.org>
> Date: Fri, 26 Oct 2018 14:50:29 +0200
> Subject: [PATCH 3/3] libcli:auth: Avoid explicit ZERO_STRUCT
>
> Signed-off-by: Andreas Schneider <asn at samba.org>
> ---
> libcli/auth/credentials.c | 4 +---
> 1 file changed, 1 insertion(+), 3 deletions(-)
>
> diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c
> index b6c8ba281ba..fcd5e34cc9b 100644
> --- a/libcli/auth/credentials.c
> +++ b/libcli/auth/credentials.c
> @@ -76,14 +76,12 @@ static void netlogon_creds_init_128bit(struct netlogon_creds_CredentialState *cr
> const struct netr_Credential *server_challenge,
> const struct samr_Password *machine_password)
> {
> - unsigned char zero[4], tmp[16];
> + uint8_t zero[4] = {0}, tmp[16];
> HMACMD5Context ctx;
> MD5_CTX md5;
>
> ZERO_ARRAY(creds->session_key);
>
> - memset(zero, 0, sizeof(zero));
> -
> hmac_md5_init_rfc2104(machine_password->hash, sizeof(machine_password->hash), &ctx);
> MD5Init(&md5);
> MD5Update(&md5, zero, sizeof(zero));
> --
> 2.20.1
>
More information about the samba-technical
mailing list