X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=lib%2Futils_crypt.c;h=5cfe4777fedd32ee6136a19df85961fe7a3e76f5;hb=a3777a6b2cde2c7133141474dd4c428220a3e9cc;hp=204932f15fc2d575c8dcbeafc9ef013e86053836;hpb=af2730fe2af9c546f81a874051fcfa83faf64ef1;p=platform%2Fupstream%2Fcryptsetup.git
diff --git a/lib/utils_crypt.c b/lib/utils_crypt.c
index 204932f..5cfe477 100644
--- a/lib/utils_crypt.c
+++ b/lib/utils_crypt.c
@@ -3,10 +3,12 @@
 *
 * Copyright (C) 2004-2007, Clemens Fruhwirth
 * Copyright (C) 2009-2012, Red Hat, Inc. All rights reserved.
+ * Copyright (C) 2009-2012, Milan Broz
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
- * version 2 as published by the Free Software Foundation.
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
@@ -79,6 +81,18 @@ int crypt_parse_name_and_mode(const char *s, char *cipher, int *key_nums,
 return -EINVAL;
 }
+/*
+ * Replacement for memset(s, 0, n) on stack that can be optimized out
+ * Also used in safe allocations for explicit memory wipe.
+ */
+void crypt_memzero(void *s, size_t n)
+{
+ volatile uint8_t *p = (volatile uint8_t *)s;
+
+ while(n--)
+ *p++ = 0;
+}
+
 /* safe allocations */
 void *crypt_safe_alloc(size_t size)
 {
@@ -92,8 +106,9 @@ void *crypt_safe_alloc(size_t size)
 return NULL;
 alloc->size = size;
- memset(&alloc->data, 0, size);
+ crypt_memzero(&alloc->data, size);
+ /* coverity[leaked_storage] */
 return &alloc->data;
 }
@@ -107,7 +122,7 @@ void crypt_safe_free(void *data)
 alloc = (struct safe_allocation *) ((char *)data - offsetof(struct safe_allocation, data));
- memset(data, 0, alloc->size);
+ crypt_memzero(data, alloc->size);
 alloc->size = 0x55aa55aa;
 free(alloc);
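Review bot: The header comment on `crypt_memzero` reads as if the replacement itself can be optimized out, and it never says why the loop writes through a `volatile` pointer. I would reword it to `/* Zero n bytes at s through a volatile pointer so the stores cannot be dropped as dead, as memset() may be on a buffer that is never read again. */`. Stores through a volatile-qualified pointer to an object that was not itself defined volatile are honoured by current compilers, but that rests on compiler behaviour more than on a firm guarantee in the C standard; where the platform offers `explicit_bzero()` or `memset_s()`, calling it behind a configure check and keeping this loop as the fallback would be the sturdier primitive. A one-line note that callers must pass a valid buffer when `n > 0` would complete the contract.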
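Review bot: The `/* coverity[leaked_storage] */` suppression added in crypt_safe_alloc carries no reason, so a later reader cannot tell a false positive from a waived leak. From the visible lines the function returns `&alloc->data`, an interior pointer, and crypt_safe_free gets back to the allocation with `offsetof`, which is presumably what the analyser cannot follow. A separate line above the annotation, such as `/* Not a leak: crypt_safe_free() recovers the base pointer from data via offsetof(). */`, keeps the suppression auditable. The allocation call and any size check sit above the hunk and are not reviewed here.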
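Review bot: In crypt_safe_free the poison write `alloc->size = 0x55aa55aa;` is an ordinary store to memory that is freed on the next line, so the compiler may delete it as a dead store for the same reason this commit stops using memset() for the wipe. If the value is meant to make a stale or doubly freed block recognisable, write it through a volatile lvalue, e.g. `*(volatile size_t *)&alloc->size = 0x55aa55aa;` (assuming the field is a `size_t`; the struct is declared outside the hunk), or add a comment that the marker is best-effort. The wipe length is read from the header that precedes `data`, so it is only correct for pointers that came from crypt_safe_alloc; the start of the function, including any NULL check, is above the hunk.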
@@ -154,7 +169,7 @@ static int untimed_read(int fd, char *pass, size_t maxlen)
 static int timed_read(int fd, char *pass, size_t maxlen, long timeout)
 {
 struct timeval t;
- fd_set fds;
+ fd_set fds = {}; /* Just to avoid scan-build false report for FD_SET */
 int failed = -1;
 FD_ZERO(&fds);
@@ -173,16 +188,18 @@ static int interactive_pass(const char *prompt, char *pass, size_t maxlen,
 {
 struct termios orig, tmp;
 int failed = -1;
- int infd = STDIN_FILENO, outfd;
+ int infd, outfd;
 if (maxlen < 1)
- goto out_err;
+ return failed;
 /* Read and write to /dev/tty if available */
- if ((infd = outfd = open("/dev/tty", O_RDWR)) == -1) {
+ infd = open("/dev/tty", O_RDWR);
+ if (infd == -1) {
 infd = STDIN_FILENO;
 outfd = STDERR_FILENO;
- }
+ } else
+ outfd = infd;
 if (tcgetattr(infd, &orig))
 goto out_err;
@@ -510,10 +527,13 @@ int crypt_string_to_size(struct crypt_device *cd, const char *s, uint64_t *size)
 break;
 case 't': case 'T':
 mult *= mult_base;
+ /* Fall through */
 case 'g': case 'G':
 mult *= mult_base;
+ /* Fall through */
 case 'm': case 'M':
 mult *= mult_base;
+ /* Fall through */
 case 'k': case 'K':
 mult *= mult_base;
 break;
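Review bot: The initializer `fd_set fds = {};` in timed_read uses empty braces, which is a GNU extension before C23 and is rejected by strict ISO C compilers; `fd_set fds = {0};` is the portable spelling, though some compilers may answer it with a missing-braces warning. Since `FD_ZERO(&fds)` follows immediately, the initializer exists only for the analyser, as the comment says. The FD_SET call named in that comment is below the hunk; if `fd` can be negative or at or above `FD_SETSIZE`, that call is undefined behaviour, so unless a caller already guarantees the range a guard such as `if (fd < 0 || fd >= FD_SETSIZE) return failed;` belongs before it.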
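Review bot: The new `infd = open("/dev/tty", O_RDWR);` in interactive_pass opens the terminal without `O_CLOEXEC`, and because this file lives under lib/, a host program that forks and execs from another thread while the prompt is up would hand the terminal descriptor to the child; `infd = open("/dev/tty", O_RDWR | O_CLOEXEC);` closes that window. Separately, `} else` followed by an unbraced `outfd = infd;` mixes braced and unbraced branches, and bracing both keeps a later addition to the else arm from silently falling outside it. The early `return failed;` for `maxlen < 1` is right, since nothing has been opened at that point. The out_err label and the close of the descriptor are below the hunk, so the cleanup path is not checked here.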