
Annotation of /imapfilter/memory.c



Revision 1.11 - (hide annotations)
Fri Jul 26 18:18:42 2002 UTC (21 years, 8 months ago) by lefcha
Branch: MAIN
CVS Tags: release-0_8
Branch point for: release-0_8-patches
Changes since 1.10: +2 -1 lines
File MIME type: text/plain
New variable about mlock() warning.

1 lefcha 1.1 #include <stdlib.h>
2 lefcha 1.6 #include <unistd.h>
3     #include <sys/types.h>
4 lefcha 1.1 #include <string.h>
5     #include <errno.h>
6 lefcha 1.6 #include <sys/mman.h>
7     #include <sys/time.h>
8     #include <sys/resource.h>
9    
10 lefcha 1.1
11     #include "imapfilter.h"
12    
13 lefcha 1.4
/* Program option bit flags, defined elsewhere; tested in this file against OPTION_WARNING. */
extern unsigned int options;

/* User ids defined elsewhere; this file hands them to seteuid() around the mlock() calls. */
extern uid_t ruid;
extern uid_t euid;

/* First node of secure memory linked list. */
static secmem_t *smem = NULL;
18 lefcha 1.7
19 lefcha 1.6
/*
 * malloc() wrapper that never lets an allocation failure go unnoticed: a NULL
 * result is reported through fatal() together with the errno text.
 *
 * The returned memory is not initialised.  fatal() is presumably terminal; if
 * it ever returned, the NULL pointer would be handed back to the caller.
 * NOTE(review): malloc(0) is allowed to return NULL, which would also take the
 * fatal() path -- confirm no caller asks for zero bytes.
 */
void *xmalloc(size_t size)
{
	void *chunk = malloc(size);

	if (chunk == NULL)
		fatal(ERROR_MEMORY_ALLOCATION,
		    "imapfilter: allocating memory; %s\n", strerror(errno));

	return chunk;
}
35    
36    
/*
 * realloc() wrapper: a NULL result is reported through fatal() with the errno
 * text instead of being returned silently.
 *
 * Not meant for buffers that hold secrets: realloc() may move the data and
 * release the old copy without clearing it.  srealloc() in this file is the
 * variant that clears the old chunk.
 * NOTE(review): realloc(ptr, 0) may legitimately return NULL on some
 * platforms and would then end in fatal() -- confirm against callers.
 */
void *xrealloc(void *ptr, size_t size)
{
	void *grown = realloc(ptr, size);

	if (grown == NULL)
		fatal(ERROR_MEMORY_ALLOCATION,
		    "imapfilter: allocating memory; %s\n", strerror(errno));

	return grown;
}
50    
51    
/*
 * free() wrapper that treats a NULL argument as a programming error and
 * reports it through fatal() before handing the pointer to free().
 *
 * The memory is released as-is; nothing is cleared here.  Buffers that hold
 * sensitive data go through sfree() instead.
 */
void xfree(void *ptr)
{
	if (ptr == NULL)
		fatal(ERROR_MEMORY_ALLOCATION,
		    "imapfilter: NULL pointer given as argument");

	free(ptr);
}
62    
63    
/*
 * strdup() wrapper: returns a heap copy of s, or reports the failure through
 * fatal() with the errno text when strdup() yields NULL.
 *
 * s must be a valid NUL-terminated string; it is passed to strdup() without
 * any check.  The copy lives in ordinary (unlocked, uncleared-on-free) memory;
 * sstrdup() is the secure-memory counterpart.
 */
char *xstrdup(const char *s)
{
	char *dup = strdup(s);

	if (dup == NULL)
		fatal(ERROR_MEMORY_ALLOCATION,
		    "imapfilter: allocating memory; %s\n", strerror(errno));

	return dup;
}
79    
80    
/*
 * Secure memory malloc().  Allocates size bytes with xmalloc(), tries to lock
 * them with mlock(), and records the chunk (address and size) in the secure
 * memory list so that srealloc()/sfree() can find and clear it later.
 *
 * A failed mlock() is not an error: the buffer is still returned, and a
 * one-time warning is printed only when OPTION_WARNING is set in options.
 * The returned memory is not initialised.
 */
void *smalloc(size_t size)
{
	static int warned = 0;	/* the insecure-memory warning is printed once */
	secmem_t *rec;
	void *buf;
	int lockrc;

	buf = xmalloc(size);

	/*
	 * The effective uid is raised only for the duration of the mlock()
	 * call (the original comments describe this as gaining and dropping
	 * root privileges).
	 * NOTE(review): neither seteuid() result is checked; the uid
	 * comparison below is the only detection of a failed drop.
	 */
	seteuid(euid);
	lockrc = mlock(buf, size);
	seteuid(ruid);

	/* Refuse to continue if real and effective uid still differ. */
	if (getuid() != geteuid())
		fatal(ERROR_SETUID, "imapfilter: failed to drop privileges\n");

	if ((options & OPTION_WARNING) && lockrc != 0 && !warned) {
		error("imapfilter: warning: using insecure memory\n");
		warned = 1;
	}

	/* Bookkeeping record; secmem_append() fills in prev when needed. */
	rec = xmalloc(sizeof *rec);
	rec->buf = buf;
	rec->size = size;
	rec->next = NULL;
	rec->prev = NULL;

	secmem_append(rec);

	return buf;
}
115    
116    
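/*
 * Secure memory realloc().  A pointer that is not recorded in the secure
 * memory list is simply passed to xrealloc().  For a recorded buffer a new
 * chunk is obtained from smalloc(), the first min(old size, size) bytes are
 * copied, and the old chunk is zero-filled before it is released, so the
 * sensitive data does not survive in freed heap memory.
 *
 * Returns the new buffer; the old pointer must not be used afterwards.
 */
void *srealloc(void *ptr, size_t size)
{
	void *p;
	secmem_t *node;
	volatile unsigned char *wipe;
	size_t left;

	node = secmem_find(ptr);
	if (node == NULL)
		return xrealloc(ptr, size);

	p = smalloc(size);
	memcpy(p, node->buf, min(node->size, size));

	/*
	 * Clear through a volatile pointer.  A plain memset() right before
	 * free() is a dead store that an optimising compiler may remove,
	 * which would leave the old contents in the released chunk.
	 */
	wipe = (volatile unsigned char *)node->buf;
	for (left = node->size; left > 0; left--)
		*wipe++ = 0;

	secmem_remove(node);
	xfree(node->buf);
	xfree(node);

	return p;
}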
140    
141    
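/*
 * Secure memory free().  A pointer that is not recorded in the secure memory
 * list is released with xfree() unchanged.  A recorded buffer is zero-filled
 * over its recorded size, unlinked from the list, and then both the buffer
 * and its record are released.
 */
void sfree(void *ptr)
{
	secmem_t *node;
	volatile unsigned char *wipe;
	size_t left;

	node = secmem_find(ptr);
	if (node == NULL) {
		xfree(ptr);
		return;
	}

	/*
	 * Clear through a volatile pointer.  A plain memset() right before
	 * free() is a dead store that an optimising compiler may remove,
	 * which would leave the sensitive data in the released chunk.
	 */
	wipe = (volatile unsigned char *)node->buf;
	for (left = node->size; left > 0; left--)
		*wipe++ = 0;

	secmem_remove(node);
	xfree(node->buf);
	xfree(node);
}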
159    
160    
/*
 * Secure memory strdup().  Copies s into a buffer of strlen(s) + 1 bytes
 * obtained from smalloc(), so the copy is tracked in the secure memory list.
 *
 * NOTE(review): smalloc() does not zero the buffer, so the terminating NUL
 * must come from xstrncpy() writing it at index strlen(s) -- confirm against
 * xstrncpy()'s definition.
 */
char *sstrdup(const char *s)
{
	size_t len = strlen(s);
	char *copy = smalloc(len + 1);

	xstrncpy(copy, s, len);

	return copy;
}
173    
174    
/*
 * Link the record of a newly allocated buffer at the end of the secure
 * memory list.  An empty list makes node the head and leaves node->prev as
 * the caller set it; otherwise node->prev becomes the former last record.
 * node->next is never modified here.
 */
void secmem_append(secmem_t *node)
{
	secmem_t *tail;

	if (smem == NULL) {
		smem = node;
		return;
	}

	/* Walk to the last record. */
	tail = smem;
	while (tail->next != NULL)
		tail = tail->next;

	node->prev = tail;
	tail->next = node;
}
194    
195    
/*
 * Look up the record whose buffer address equals ptr in the secure memory
 * list.  Only an exact match on the start address counts.  Returns the
 * record, or NULL when ptr is not a tracked secure buffer.
 */
secmem_t *secmem_find(void *ptr)
{
	secmem_t *cur;

	for (cur = smem; cur != NULL; cur = cur->next)
		if (cur->buf == ptr)
			return cur;

	return NULL;
}
210 lefcha 1.10
211 lefcha 1.6
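/*
 * Unlink the record of a secure memory buffer from the list.  Nothing is
 * freed or cleared here; srealloc() and sfree() release node->buf and node
 * after calling this.
 *
 * When node is the first record, the list head is moved to its successor.
 * Without that step smem would keep pointing at a record the caller is about
 * to free, and every later list walk would read released memory.
 */
void secmem_remove(secmem_t *node)
{
	if (node->prev)
		node->prev->next = node->next;
	else if (smem == node)
		smem = node->next;

	if (node->next)
		node->next->prev = node->prev;
}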
222    
223    
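/*
 * Overwrite/clear all secure memory: every tracked buffer is zero-filled over
 * its recorded size, then the buffer and its record are released, and the
 * list is left empty.
 *
 * The records are handled directly rather than through sfree().  Passing a
 * record pointer to sfree() does not match any buffer address in the list, so
 * the record would be freed without its buffer ever being cleared, and the
 * loop would then read the next pointer out of released memory.
 */
void secmem_clear(void)
{
	secmem_t *p;
	secmem_t *next;
	volatile unsigned char *wipe;
	size_t left;

	/* Detach the list first so smem never refers to a released record. */
	p = smem;
	smem = NULL;

	while (p != NULL) {
		next = p->next;	/* saved before the record is released */

		/* volatile store: the clearing cannot be optimised away */
		wipe = (volatile unsigned char *)p->buf;
		for (left = p->size; left > 0; left--)
			*wipe++ = 0;

		xfree(p->buf);
		xfree(p);

		p = next;
	}
}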
234    
235    
/*
 * Call mlock() on every buffer recorded in the secure memory list, with the
 * effective uid raised for the duration of the walk and lowered afterwards.
 *
 * NOTE(review): the mlock() and seteuid() results are ignored here, so a
 * buffer that could not be locked goes unreported (unlike in smalloc()).
 * The uid comparison at the end is the only check performed.
 */
void secmem_lock(void)
{
	secmem_t *rec = smem;

	seteuid(euid);		/* Gain root privileges. */
	while (rec != NULL) {
		mlock(rec->buf, rec->size);
		rec = rec->next;
	}
	seteuid(ruid);		/* Drop root privileges. */

	/* Refuse to continue if real and effective uid still differ. */
	if (getuid() != geteuid())
		fatal(ERROR_SETUID, "imapfilter: failed to drop privileges\n");
}
251    
252    
/*
 * Disable core file dumping by setting both the soft and the hard
 * RLIMIT_CORE limit to zero.  A core file is a copy of process memory written
 * to disk, which would include whatever the secure buffers hold at that time.
 *
 * NOTE(review): the getrlimit()/setrlimit() results are not checked, so a
 * failure leaves core dumps enabled without any message.
 */
void corefile_disable(void)
{
	struct rlimit core;

	getrlimit(RLIMIT_CORE, &core);

	core.rlim_max = 0;
	core.rlim_cur = 0;
	setrlimit(RLIMIT_CORE, &core);
}
