/[imapfilter]/imapfilter/memory.c
ViewVC logotype

Annotation of /imapfilter/memory.c

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.8 - (hide annotations)
Thu Jan 31 17:09:32 2002 UTC (22 years, 2 months ago) by lefcha
Branch: MAIN
Changes since 1.7: +17 -0 lines
File MIME type: text/plain
Added function to lock all secure memory currently allocated.

1 lefcha 1.1 #include <stdlib.h>
2 lefcha 1.6 #include <unistd.h>
3     #include <sys/types.h>
4 lefcha 1.1 #include <string.h>
5     #include <errno.h>
6 lefcha 1.6 #include <sys/mman.h>
7     #include <sys/time.h>
8     #include <sys/resource.h>
9    
10 lefcha 1.1
11     #include "imapfilter.h"
12    
13 lefcha 1.4
14 lefcha 1.6 extern uid_t ruid, euid;
15    
16     static secmem_t *smem = NULL; /* First node of secure memory linked list. */
17 lefcha 1.7
18 lefcha 1.6
19 lefcha 1.1 /*
20 lefcha 1.3 * A malloc() that checks the results and dies in case of error.
21 lefcha 1.1 */
22     void *xmalloc(size_t size)
23     {
24     void *ptr;
25 lefcha 1.2
26 lefcha 1.1 ptr = (void *) malloc(size);
27 lefcha 1.2
28 lefcha 1.1 if (!ptr)
29     fatal(ERROR_MEMORY_ALLOCATION,
30     "imapfilter: allocating memory; %s\n", strerror(errno));
31 lefcha 1.2
32 lefcha 1.1 return ptr;
33     }
34    
35    
36     /*
37 lefcha 1.3 * A realloc() that checks the results and dies in case of error.
38     */
39     void *xrealloc(void *ptr, size_t size)
40     {
41     ptr = (void *) realloc(ptr, size);
42    
43     if (!ptr)
44     fatal(ERROR_MEMORY_ALLOCATION,
45     "imapfilter: allocating memory; %s\n", strerror(errno));
46    
47     return ptr;
48     }
49    
50    
51     /*
52 lefcha 1.5 * A free() that dies if fed with NULL pointer.
53     */
54     void xfree(void *ptr)
55     {
56     if (!ptr)
57     fatal(ERROR_MEMORY_ALLOCATION,
58     "imapfilter: NULL pointer given as argument");
59     free(ptr);
60     }
61    
62    
63     /*
64 lefcha 1.3 * A strdup() that checks the results and dies in case of error.
65 lefcha 1.1 */
66     char *xstrdup(const char *s)
67     {
68     char *cp;
69 lefcha 1.2
70 lefcha 1.1 cp = strdup(s);
71 lefcha 1.2
72 lefcha 1.1 if (!cp)
73     fatal(ERROR_MEMORY_ALLOCATION,
74     "imapfilter: allocating memory; %s\n", strerror(errno));
75 lefcha 1.2
76 lefcha 1.1 return cp;
77 lefcha 1.6 }
78    
79    
80     /*
81     * Secure memory malloc(). Locks memory and keeps information about the
82     * chunk that was allocated.
83     */
84     void *smalloc(size_t size)
85     {
86     int r;
87     void *ptr;
88     static int w = 0;
89     secmem_t *node;
90    
91     ptr = xmalloc(size);
92    
93     seteuid(euid); /* Gain root privileges. */
94     r = mlock(ptr, size);
95     seteuid(ruid); /* Drop root privileges. */
96    
97     if (getuid() != geteuid())
98     fatal(ERROR_SETUID, "imapfilter: failed to drop privileges\n");
99    
100     if (r && !w) {
101     error("imapfilter: warning: using insecure memory\n");
102     w = 1;
103     }
104    
105     node = (secmem_t *) xmalloc(sizeof(secmem_t));
106    
107     node->buf = ptr;
108     node->size = size;
109     node->prev = node->next = NULL;
110    
111     secmem_append(node);
112    
113     return ptr;
114     }
115    
116    
117     /*
118     * Secure memory realloc(). Resize memory by allocating a new memory chunk
119     * and NULL fill old memory, in order to protect sensitive data.
120     */
121     void *srealloc(void *ptr, size_t size)
122     {
123     void *p;
124     secmem_t *node;
125    
126     if (!(node = (secmem_t *) secmem_find(ptr))) {
127     ptr = xrealloc(ptr, size);
128     return ptr;
129     }
130    
131     p = smalloc(size);
132     memcpy(p, node->buf, min(node->size, size));
133    
134     memset(node->buf, 0, node->size);
135     secmem_remove(node);
136     xfree(node->buf);
137     xfree(node);
138    
139     return p;
140     }
141    
142    
143     /*
144     * Secure memory free(). NULL fill memory before freeing it.
145     */
146     void sfree(void *ptr)
147     {
148     secmem_t *node;
149    
150     if (!(node = (secmem_t *) secmem_find(ptr))) {
151     xfree(ptr);
152     return;
153     }
154    
155     memset(node->buf, 0, node->size);
156    
157     secmem_remove(node);
158     xfree(node->buf);
159     xfree(node);
160     }
161    
162    
163     /*
164     * Secure strdup(). Uses secure memory allocation.
165     */
166     char *sstrdup(const char *s)
167     {
168     char *p;
169    
170     p = (char *) smalloc(strlen(s) + 1);
171     xstrncpy(p, s, strlen(s));
172    
173     return p;
174     }
175    
176    
177     /*
178     * Append information about the newly allocated memory buffer.
179     */
180     void secmem_append(secmem_t *node)
181     {
182     secmem_t *pos;
183     secmem_t **app;
184    
185     app = &smem;
186     pos = smem;
187    
188     while (pos) {
189     node->prev = pos;
190     app = &(pos->next);
191     pos = pos->next;
192     }
193    
194     *app = node;
195     }
196    
197    
198     /*
199     * Find the record of a memory buffer in the secure memory linked list.
200     */
201     secmem_t *secmem_find(void *ptr)
202     {
203     secmem_t *pos;
204    
205     pos = smem;
206    
207     while(pos && pos->buf != ptr)
208     pos = pos->next;
209    
210     return pos;
211     }
212    
213    
214     /*
215     * Remove a record of a secure memory buffer.
216     */
217     void secmem_remove(secmem_t *node)
218     {
219     if (node->prev)
220     node->prev->next = node->next;
221     if (node->next)
222     node->next->prev = node->prev;
223     }
224    
225    
226     /*
227     * Overwrite/clear all secure memory.
228     */
229     void secmem_clear(void)
230     {
231     secmem_t *p;
232    
233     for (p = smem; p; p = p->next)
234     sfree(p);
235     }
236    
237    
238     /*
239 lefcha 1.8 * Lock memory of allocated buffers.
240     */
241     void secmem_lock(void)
242     {
243     secmem_t *p;
244    
245     seteuid(euid); /* Gain root privileges. */
246     for (p = smem; p; p = p->next)
247     mlock(p->buf, p->size);
248     seteuid(ruid); /* Drop root privileges. */
249    
250     if (getuid() != geteuid())
251     fatal(ERROR_SETUID, "imapfilter: failed to drop privileges\n");
252     }
253    
254    
255     /*
256 lefcha 1.6 * Store original core file settings and disable core file dumping.
257     */
258     void corefile_disable(void)
259     {
260 lefcha 1.7 struct rlimit rl;
261    
262     getrlimit(RLIMIT_CORE, &rl);
263 lefcha 1.6
264 lefcha 1.7 rl.rlim_cur = rl.rlim_max = 0;
265     setrlimit(RLIMIT_CORE, &rl);
266 lefcha 1.2 }

webmaster@linux.gr
ViewVC Help
Powered by ViewVC 1.1.26