diff options
| author | Werner Koch <[email protected]> | 2015-10-01 11:21:25 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2015-10-02 08:58:40 +0000 |
| commit | ddf9dd135acd2b3635bb986f6dfc0e4e446d5fad (patch) | |
| tree | fc5e83d666ed95c6d2132c2d30bcada72a9ce575 | |
| parent | gpg: Fix a practical hang after use of --faked-system-time. (diff) | |
| download | gnupg-ddf9dd135acd2b3635bb986f6dfc0e4e446d5fad.tar.gz gnupg-ddf9dd135acd2b3635bb986f6dfc0e4e446d5fad.zip | |
agent: Fix alignment problem with the second passphrase struct.
* agent/genkey.c (agent_ask_new_passphrase): Use a separate malloc for
PI2. Check return value of the malloc function.
* agent/command-ssh.c (ssh_identity_register): Use a separate malloc
for PI2. Wipe PI2.
--
For whatever stupid reasons I once allocated only one memory area and
split that into PI and PI2. This is actually a common pattern with
malloc but here we used a made up object size and do not take the
extra alignment required into account. One of these not yet hit by
a (sig)bus PC/VAX hacker bugs.
Instead of trying to fix the alignment, it is better to use a second
calloc for the second struct.
GnuPG-bug-id: 2112
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to '')
| -rw-r--r-- | agent/command-ssh.c | 15 | ||||
| -rw-r--r-- | agent/genkey.c | 13 |
2 files changed, 23 insertions, 5 deletions
diff --git a/agent/command-ssh.c b/agent/command-ssh.c index 8be125503..0aa0098f2 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -3070,7 +3070,8 @@ ssh_identity_register (ctrl_t ctrl, ssh_key_type_spec_t *spec, char *comment = NULL; char *key_fpr = NULL; const char *initial_errtext = NULL; - struct pin_entry_info_s *pi = NULL, *pi2; + struct pin_entry_info_s *pi = NULL; + struct pin_entry_info_s *pi2 = NULL; err = ssh_key_grip (key, key_grip_raw); if (err) @@ -3101,13 +3102,18 @@ ssh_identity_register (ctrl_t ctrl, ssh_key_type_spec_t *spec, goto out; } - pi = gcry_calloc_secure (2, sizeof (*pi) + MAX_PASSPHRASE_LEN + 1); + pi = gcry_calloc_secure (1, sizeof (*pi) + MAX_PASSPHRASE_LEN + 1); if (!pi) { err = gpg_error_from_syserror (); goto out; } - pi2 = pi + (sizeof *pi + MAX_PASSPHRASE_LEN + 1); + pi2 = gcry_calloc_secure (1, sizeof (*pi2) + MAX_PASSPHRASE_LEN + 1); + if (!pi2) + { + err = gpg_error_from_syserror (); + goto out; + } pi->max_length = MAX_PASSPHRASE_LEN + 1; pi->max_tries = 1; pi->with_repeat = 1; @@ -3155,6 +3161,9 @@ ssh_identity_register (ctrl_t ctrl, ssh_key_type_spec_t *spec, out: + if (pi2 && pi2->max_length) + wipememory (pi2->pin, pi2->max_length); + xfree (pi2); if (pi && pi->max_length) wipememory (pi->pin, pi->max_length); xfree (pi); diff --git a/agent/genkey.c b/agent/genkey.c index 13858cae3..e8195c200 100644 --- a/agent/genkey.c +++ b/agent/genkey.c @@ -374,8 +374,16 @@ agent_ask_new_passphrase (ctrl_t ctrl, const char *prompt, return err; } - pi = gcry_calloc_secure (2, sizeof (*pi) + MAX_PASSPHRASE_LEN + 1); - pi2 = pi + (sizeof *pi + MAX_PASSPHRASE_LEN + 1); + pi = gcry_calloc_secure (1, sizeof (*pi) + MAX_PASSPHRASE_LEN + 1); + if (!pi) + return gpg_error_from_syserror (); + pi2 = gcry_calloc_secure (1, sizeof (*pi2) + MAX_PASSPHRASE_LEN + 1); + if (!pi2) + { + err = gpg_error_from_syserror (); + xfree (pi2); + return err; + } pi->max_length = MAX_PASSPHRASE_LEN + 1; pi->max_tries = 3; pi->with_qualitybar = 1; @@ -422,6 +430,7 @@ agent_ask_new_passphrase (ctrl_t ctrl, const char *prompt, } xfree (initial_errtext); + xfree (pi2); xfree (pi); return err; } |