1
0
mirror of git://sourceware.org/git/lvm2.git synced 2025-01-10 05:18:36 +03:00

Wipe dm-ioctl parameters in memory after use.

This commit is contained in:
Milan Broz 2010-04-07 15:57:20 +00:00
parent 5e8c230d1f
commit 7b030379ec
3 changed files with 51 additions and 35 deletions

View File

@ -1,5 +1,6 @@
Version 1.02.46 - Version 1.02.46 -
================================ ================================
Wipe memory buffers for dm-ioctl parameters before releaseing.
Strictly require libudev if udev_sync is used. Strictly require libudev if udev_sync is used.
Add support for ioctl's DM_UEVENT_GENERATED_FLAG. Add support for ioctl's DM_UEVENT_GENERATED_FLAG.

View File

@ -353,13 +353,29 @@ error:
#endif #endif
} }
static void _dm_zfree_string(char *string)
{
if (string) {
memset(string, 0, strlen(string));
dm_free(string);
}
}
static void _dm_zfree_dmi(struct dm_ioctl *dmi)
{
if (dmi) {
memset(dmi, 0, dmi->data_size);
dm_free(dmi);
}
}
void dm_task_destroy(struct dm_task *dmt) void dm_task_destroy(struct dm_task *dmt)
{ {
struct target *t, *n; struct target *t, *n;
for (t = dmt->head; t; t = n) { for (t = dmt->head; t; t = n) {
n = t->next; n = t->next;
dm_free(t->params); _dm_zfree_string(t->params);
dm_free(t->type); dm_free(t->type);
dm_free(t); dm_free(t);
} }
@ -373,8 +389,7 @@ void dm_task_destroy(struct dm_task *dmt)
if (dmt->message) if (dmt->message)
dm_free(dmt->message); dm_free(dmt->message);
if (dmt->dmi.v4) _dm_zfree_dmi(dmt->dmi.v4);
dm_free(dmt->dmi.v4);
if (dmt->uuid) if (dmt->uuid)
dm_free(dmt->uuid); dm_free(dmt->uuid);
@ -388,6 +403,14 @@ void dm_task_destroy(struct dm_task *dmt)
#ifdef DM_COMPAT #ifdef DM_COMPAT
static void _dm_zfree_dmi_v1(struct dm_ioctl_v1 *dmi)
{
if (dmi) {
memset(dmi, 0, dmi->data_size);
dm_free(dmi);
}
}
static int _dm_task_get_driver_version_v1(struct dm_task *dmt, char *version, static int _dm_task_get_driver_version_v1(struct dm_task *dmt, char *version,
size_t size) size_t size)
{ {
@ -494,13 +517,10 @@ static void *_add_target_v1(struct target *t, void *out, void *end)
struct dm_target_spec_v1 sp; struct dm_target_spec_v1 sp;
size_t sp_size = sizeof(struct dm_target_spec_v1); size_t sp_size = sizeof(struct dm_target_spec_v1);
int len; int len;
const char no_space[] = "Ran out of memory building ioctl parameter";
out += sp_size; out += sp_size;
if (out >= end) { if (out >= end)
log_error(no_space); return_NULL;
return NULL;
}
sp.status = 0; sp.status = 0;
sp.sector_start = t->start; sp.sector_start = t->start;
@ -509,12 +529,9 @@ static void *_add_target_v1(struct target *t, void *out, void *end)
len = strlen(t->params); len = strlen(t->params);
if ((out + len + 1) >= end) { if ((out + len + 1) >= end)
log_error(no_space); return_NULL;
log_error("t->params= '%s'", t->params);
return NULL;
}
strcpy((char *) out, t->params); strcpy((char *) out, t->params);
out += len + 1; out += len + 1;
@ -600,8 +617,10 @@ static struct dm_ioctl_v1 *_flatten_v1(struct dm_task *dmt)
e = (void *) ((char *) dmi + len); e = (void *) ((char *) dmi + len);
for (t = dmt->head; t; t = t->next) for (t = dmt->head; t; t = t->next)
if (!(b = _add_target_v1(t, b, e))) if (!(b = _add_target_v1(t, b, e))) {
log_error("Ran out of memory building ioctl parameter");
goto bad; goto bad;
}
if (dmt->newname) if (dmt->newname)
strcpy(b, dmt->newname); strcpy(b, dmt->newname);
@ -609,7 +628,7 @@ static struct dm_ioctl_v1 *_flatten_v1(struct dm_task *dmt)
return dmi; return dmi;
bad: bad:
dm_free(dmi); _dm_zfree_dmi_v1(dmi);
return NULL; return NULL;
} }
@ -762,7 +781,7 @@ static int _dm_task_run_v1(struct dm_task *dmt)
dmt->type = DM_DEVICE_INFO; dmt->type = DM_DEVICE_INFO;
if (!dm_task_run(dmt)) if (!dm_task_run(dmt))
goto bad; goto bad;
dm_free(dmi); /* We'll use what info returned */ _dm_zfree_dmi_v1(dmi); /* We'll use what info returned */
return 1; return 1;
} }
@ -770,7 +789,7 @@ static int _dm_task_run_v1(struct dm_task *dmt)
return 1; return 1;
bad: bad:
dm_free(dmi); _dm_zfree_dmi_v1(dmi);
return 0; return 0;
} }
@ -1177,7 +1196,7 @@ struct target *create_target(uint64_t start, uint64_t len, const char *type,
return t; return t;
bad: bad:
dm_free(t->params); _dm_zfree_string(t->params);
dm_free(t->type); dm_free(t->type);
dm_free(t); dm_free(t);
return NULL; return NULL;
@ -1189,13 +1208,10 @@ static void *_add_target(struct target *t, void *out, void *end)
struct dm_target_spec sp; struct dm_target_spec sp;
size_t sp_size = sizeof(struct dm_target_spec); size_t sp_size = sizeof(struct dm_target_spec);
int len; int len;
const char no_space[] = "Ran out of memory building ioctl parameter";
out += sp_size; out += sp_size;
if (out >= end) { if (out >= end)
log_error(no_space); return_NULL;
return NULL;
}
sp.status = 0; sp.status = 0;
sp.sector_start = t->start; sp.sector_start = t->start;
@ -1204,12 +1220,9 @@ static void *_add_target(struct target *t, void *out, void *end)
len = strlen(t->params); len = strlen(t->params);
if ((out + len + 1) >= end) { if ((out + len + 1) >= end)
log_error(no_space); return_NULL;
log_error("t->params= '%s'", t->params);
return NULL;
}
strcpy((char *) out, t->params); strcpy((char *) out, t->params);
out += len + 1; out += len + 1;
@ -1403,8 +1416,10 @@ static struct dm_ioctl *_flatten(struct dm_task *dmt, unsigned repeat_count)
e = (void *) ((char *) dmi + len); e = (void *) ((char *) dmi + len);
for (t = dmt->head; t; t = t->next) for (t = dmt->head; t; t = t->next)
if (!(b = _add_target(t, b, e))) if (!(b = _add_target(t, b, e))) {
log_error("Ran out of memory building ioctl parameter");
goto bad; goto bad;
}
if (dmt->newname) if (dmt->newname)
strcpy(b, dmt->newname); strcpy(b, dmt->newname);
@ -1421,7 +1436,7 @@ static struct dm_ioctl *_flatten(struct dm_task *dmt, unsigned repeat_count)
return dmi; return dmi;
bad: bad:
dm_free(dmi); _dm_zfree_dmi(dmi);
return NULL; return NULL;
} }
@ -1782,7 +1797,7 @@ static struct dm_ioctl *_do_dm_ioctl(struct dm_task *dmt, unsigned command,
"failed: %s", "failed: %s",
_cmd_data_v4[dmt->type].name, _cmd_data_v4[dmt->type].name,
strerror(errno)); strerror(errno));
dm_free(dmi); _dm_zfree_dmi(dmi);
return NULL; return NULL;
} }
} }
@ -1853,7 +1868,7 @@ repeat_ioctl:
case DM_DEVICE_TABLE: case DM_DEVICE_TABLE:
case DM_DEVICE_WAITEVENT: case DM_DEVICE_WAITEVENT:
_ioctl_buffer_double_factor++; _ioctl_buffer_double_factor++;
dm_free(dmi); _dm_zfree_dmi(dmi);
goto repeat_ioctl; goto repeat_ioctl;
default: default:
log_error("WARNING: libdevmapper buffer too small for data"); log_error("WARNING: libdevmapper buffer too small for data");
@ -1911,13 +1926,12 @@ repeat_ioctl:
} }
/* Was structure reused? */ /* Was structure reused? */
if (dmt->dmi.v4) _dm_zfree_dmi(dmt->dmi.v4);
dm_free(dmt->dmi.v4);
dmt->dmi.v4 = dmi; dmt->dmi.v4 = dmi;
return 1; return 1;
bad: bad:
dm_free(dmi); _dm_zfree_dmi(dmi);
return 0; return 0;
} }

View File

@ -266,6 +266,7 @@ static int _parse_file(struct dm_task *dmt, const char *file)
r = 1; r = 1;
out: out:
memset(buffer, 0, buffer_size);
#ifndef HAVE_GETLINE #ifndef HAVE_GETLINE
dm_free(buffer); dm_free(buffer);
#else #else