From c4404762701c7073e1f85d7f89834b5ddd59e749 Mon Sep 17 00:00:00 2001 From: Curtis McEnroe Date: Thu, 31 Oct 2019 19:04:43 -0400 Subject: Use explicit_bzero to clear passwords GNU doesn't implement memset_s, but both FreeBSD and GNU implement explicit_bzero. Darwin doesn't, so #define it in terms of memset_s. --- bounce.c | 9 ++++----- bounce.h | 5 +++++ client.c | 4 ++-- config.c | 2 ++ ring.c | 4 ++-- server.c | 4 ++-- state.c | 7 +++---- 7 files changed, 20 insertions(+), 15 deletions(-) diff --git a/bounce.c b/bounce.c index b89e90a..49bc0f9 100644 --- a/bounce.c +++ b/bounce.c @@ -14,7 +14,7 @@ * along with this program. If not, see . */ -#define __STDC_WANT_LIB_EXT1__ 1 +#include "bounce.h" #include #include @@ -26,6 +26,7 @@ #include #include #include +#include #include #include #include @@ -33,8 +34,6 @@ #include #include -#include "bounce.h" - #ifndef SIGINFO #define SIGINFO SIGUSR2 #endif @@ -197,8 +196,8 @@ int main(int argc, char *argv[]) { int server = serverConnect(insecure, host, port); stateLogin(pass, auth, nick, user, real); - if (pass) memset_s(pass, strlen(pass), 0, strlen(pass)); - if (auth) memset_s(auth, strlen(auth), 0, strlen(auth)); + if (pass) explicit_bzero(pass, strlen(pass)); + if (auth) explicit_bzero(auth, strlen(auth)); while (!stateReady()) serverRecv(); serverFormat("AWAY :%s\r\n", away); diff --git a/bounce.h b/bounce.h index 5e6313b..5a03af2 100644 --- a/bounce.h +++ b/bounce.h @@ -14,6 +14,11 @@ * along with this program. If not, see . */ +#ifdef __APPLE__ +#define __STDC_WANT_LIB_EXT1__ 1 +#define explicit_bzero(b, len) memset_s((b), (len), 0, (len)) +#endif + #include #include #include diff --git a/client.c b/client.c index bcb281f..c951590 100644 --- a/client.c +++ b/client.c @@ -14,6 +14,8 @@ * along with this program. If not, see . */ +#include "bounce.h" + #include #include #include @@ -24,8 +26,6 @@ #include #include -#include "bounce.h" - enum Need { NeedNick = 1 << 0, NeedUser = 1 << 1, diff --git a/config.c b/config.c index adf2b34..1d608d6 100644 --- a/config.c +++ b/config.c @@ -14,6 +14,8 @@ * along with this program. If not, see . */ +#include "bounce.h" + #include #include #include diff --git a/ring.c b/ring.c index 5fb9daa..aca33a0 100644 --- a/ring.c +++ b/ring.c @@ -14,6 +14,8 @@ * along with this program. If not, see . */ +#include "bounce.h" + #include #include #include @@ -21,8 +23,6 @@ #include #include -#include "bounce.h" - static struct { size_t len; char **lines; diff --git a/server.c b/server.c index d0181bb..e1fc328 100644 --- a/server.c +++ b/server.c @@ -14,6 +14,8 @@ * along with this program. If not, see . */ +#include "bounce.h" + #include #include #include @@ -27,8 +29,6 @@ #include #include -#include "bounce.h" - static struct tls *client; int serverConnect(bool insecure, const char *host, const char *port) { diff --git a/state.c b/state.c index 37df845..c980ad7 100644 --- a/state.c +++ b/state.c @@ -14,7 +14,7 @@ * along with this program. If not, see . */ -#define __STDC_WANT_LIB_EXT1__ 1 +#include "bounce.h" #include #include @@ -22,10 +22,9 @@ #include #include #include +#include #include -#include "bounce.h" - typedef void Handler(struct Message *msg); static void require(const struct Message *msg, bool origin, size_t len) { @@ -101,7 +100,7 @@ static void handleAuthenticate(struct Message *msg) { (void)msg; if (!plainBase64) errx(EX_PROTOCOL, "unsolicited AUTHENTICATE"); serverFormat("AUTHENTICATE %s\r\n", plainBase64); - memset_s(plainBase64, strlen(plainBase64), 0, strlen(plainBase64)); + explicit_bzero(plainBase64, strlen(plainBase64)); free(plainBase64); plainBase64 = NULL; } -- cgit 1.4.1