hollalinux
/
linux-sg2042
mirror of https://github.com/sophgo/linux-riscv.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

CIFS: zero sensitive data when freeing 

also replaces memset()+kfree() by kzfree().

Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Cc: <stable@vger.kernel.org>
This commit is contained in:
Aurelien Aptel 2018-01-25 15:59:39 +01:00 committed by Steve French
parent 2026b06e9c
commit 97f4b7276b
3 changed files with 8 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
fs/cifs/cifsencrypt.c
View File

@ -325,9 +325,8 @@ int calc_lanman_hash(const char *password, const char *cryptkey, bool encrypt,
{ {
int i; int i;
int rc; int rc;
char password_with_pad[CIFS_ENCPWD_SIZE]; char password_with_pad[CIFS_ENCPWD_SIZE] = {0};
memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
if (password) if (password)
strncpy(password_with_pad, password, CIFS_ENCPWD_SIZE); strncpy(password_with_pad, password, CIFS_ENCPWD_SIZE);

6
fs/cifs/connect.c
View File

@ -1720,7 +1720,7 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
tmp_end++; tmp_end++;
if (!(tmp_end < end && tmp_end[1] == delim)) { if (!(tmp_end < end && tmp_end[1] == delim)) {
/* No it is not. Set the password to NULL */ /* No it is not. Set the password to NULL */
kfree(vol->password); kzfree(vol->password);
vol->password = NULL; vol->password = NULL;
break; break;
} }
@ -1758,7 +1758,7 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
options = end; options = end;
} }
kfree(vol->password); kzfree(vol->password);
/* Now build new password string */ /* Now build new password string */
temp_len = strlen(value); temp_len = strlen(value);
vol->password = kzalloc(temp_len+1, GFP_KERNEL); vol->password = kzalloc(temp_len+1, GFP_KERNEL);
@ -4356,7 +4356,7 @@ cifs_construct_tcon(struct cifs_sb_info *cifs_sb, kuid_t fsuid)
reset_cifs_unix_caps(0, tcon, NULL, vol_info); reset_cifs_unix_caps(0, tcon, NULL, vol_info);
out: out:
kfree(vol_info->username); kfree(vol_info->username);
kfree(vol_info->password); kzfree(vol_info->password);
kfree(vol_info); kfree(vol_info);
return tcon; return tcon;

14
fs/cifs/misc.c
View File

@ -98,14 +98,11 @@ sesInfoFree(struct cifs_ses *buf_to_free)
kfree(buf_to_free->serverOS); kfree(buf_to_free->serverOS);
kfree(buf_to_free->serverDomain); kfree(buf_to_free->serverDomain);
kfree(buf_to_free->serverNOS); kfree(buf_to_free->serverNOS);
if (buf_to_free->password) { kzfree(buf_to_free->password);
memset(buf_to_free->password, 0, strlen(buf_to_free->password));
kfree(buf_to_free->password);
}
kfree(buf_to_free->user_name); kfree(buf_to_free->user_name);
kfree(buf_to_free->domainName); kfree(buf_to_free->domainName);
kfree(buf_to_free->auth_key.response); kzfree(buf_to_free->auth_key.response);
kfree(buf_to_free); kzfree(buf_to_free);
} }
struct cifs_tcon * struct cifs_tcon *
@ -136,10 +133,7 @@ tconInfoFree(struct cifs_tcon *buf_to_free)
} }
atomic_dec(&tconInfoAllocCount); atomic_dec(&tconInfoAllocCount);
kfree(buf_to_free->nativeFileSystem); kfree(buf_to_free->nativeFileSystem);
if (buf_to_free->password) { kzfree(buf_to_free->password);
memset(buf_to_free->password, 0, strlen(buf_to_free->password));
kfree(buf_to_free->password);
}
kfree(buf_to_free); kfree(buf_to_free);
} }