23 |
{ |
{ |
24 |
void *ptr; |
void *ptr; |
25 |
|
|
26 |
ptr = (void *) malloc(size); |
ptr = (void *)malloc(size); |
27 |
|
|
28 |
if (!ptr) |
if (!ptr) |
29 |
fatal(ERROR_MEMORY_ALLOCATION, |
fatal(ERROR_MEMORY_ALLOCATION, |
38 |
*/ |
*/ |
39 |
void *xrealloc(void *ptr, size_t size) |
void *xrealloc(void *ptr, size_t size) |
40 |
{ |
{ |
41 |
ptr = (void *) realloc(ptr, size); |
ptr = (void *)realloc(ptr, size); |
42 |
|
|
43 |
if (!ptr) |
if (!ptr) |
44 |
fatal(ERROR_MEMORY_ALLOCATION, |
fatal(ERROR_MEMORY_ALLOCATION, |
87 |
void *ptr; |
void *ptr; |
88 |
static int w = 0; |
static int w = 0; |
89 |
secmem_t *node; |
secmem_t *node; |
90 |
|
|
91 |
ptr = xmalloc(size); |
ptr = xmalloc(size); |
92 |
|
|
93 |
seteuid(euid); /* Gain root privileges. */ |
seteuid(euid); /* Gain root privileges. */ |
94 |
r = mlock(ptr, size); |
r = mlock(ptr, size); |
95 |
seteuid(ruid); /* Drop root privileges. */ |
seteuid(ruid); /* Drop root privileges. */ |
96 |
|
|
97 |
if (getuid() != geteuid()) |
if (getuid() != geteuid()) |
98 |
fatal(ERROR_SETUID, "imapfilter: failed to drop privileges\n"); |
fatal(ERROR_SETUID, "imapfilter: failed to drop privileges\n"); |
99 |
|
|
100 |
if (r && !w) { |
if (r && !w) { |
101 |
error("imapfilter: warning: using insecure memory\n"); |
error("imapfilter: warning: using insecure memory\n"); |
102 |
w = 1; |
w = 1; |
103 |
} |
} |
|
|
|
104 |
node = (secmem_t *) xmalloc(sizeof(secmem_t)); |
node = (secmem_t *) xmalloc(sizeof(secmem_t)); |
105 |
|
|
106 |
node->buf = ptr; |
node->buf = ptr; |
107 |
node->size = size; |
node->size = size; |
108 |
node->prev = node->next = NULL; |
node->prev = node->next = NULL; |
109 |
|
|
110 |
secmem_append(node); |
secmem_append(node); |
111 |
|
|
112 |
return ptr; |
return ptr; |
113 |
} |
} |
114 |
|
|
121 |
{ |
{ |
122 |
void *p; |
void *p; |
123 |
secmem_t *node; |
secmem_t *node; |
124 |
|
|
125 |
if (!(node = (secmem_t *) secmem_find(ptr))) { |
if (!(node = (secmem_t *) secmem_find(ptr))) { |
126 |
ptr = xrealloc(ptr, size); |
ptr = xrealloc(ptr, size); |
127 |
return ptr; |
return ptr; |
128 |
} |
} |
|
|
|
129 |
p = smalloc(size); |
p = smalloc(size); |
130 |
memcpy(p, node->buf, min(node->size, size)); |
memcpy(p, node->buf, min(node->size, size)); |
131 |
|
|
132 |
memset(node->buf, 0, node->size); |
memset(node->buf, 0, node->size); |
133 |
secmem_remove(node); |
secmem_remove(node); |
134 |
xfree(node->buf); |
xfree(node->buf); |
135 |
xfree(node); |
xfree(node); |
136 |
|
|
137 |
return p; |
return p; |
138 |
} |
} |
139 |
|
|
144 |
void sfree(void *ptr) |
void sfree(void *ptr) |
145 |
{ |
{ |
146 |
secmem_t *node; |
secmem_t *node; |
147 |
|
|
148 |
if (!(node = (secmem_t *) secmem_find(ptr))) { |
if (!(node = (secmem_t *) secmem_find(ptr))) { |
149 |
xfree(ptr); |
xfree(ptr); |
150 |
return; |
return; |
151 |
} |
} |
|
|
|
152 |
memset(node->buf, 0, node->size); |
memset(node->buf, 0, node->size); |
153 |
|
|
154 |
secmem_remove(node); |
secmem_remove(node); |
163 |
char *sstrdup(const char *s) |
char *sstrdup(const char *s) |
164 |
{ |
{ |
165 |
char *p; |
char *p; |
166 |
|
|
167 |
p = (char *) smalloc(strlen(s) + 1); |
p = (char *)smalloc(strlen(s) + 1); |
168 |
xstrncpy(p, s, strlen(s)); |
xstrncpy(p, s, strlen(s)); |
169 |
|
|
170 |
return p; |
return p; |
171 |
} |
} |
172 |
|
|
174 |
/* |
/* |
175 |
* Append information about the newly allocated memory buffer. |
* Append information about the newly allocated memory buffer. |
176 |
*/ |
*/ |
177 |
void secmem_append(secmem_t *node) |
void secmem_append(secmem_t * node) |
178 |
{ |
{ |
179 |
secmem_t *pos; |
secmem_t *pos; |
180 |
secmem_t **app; |
secmem_t **app; |
181 |
|
|
182 |
app = &smem; |
app = &smem; |
183 |
pos = smem; |
pos = smem; |
184 |
|
|
187 |
app = &(pos->next); |
app = &(pos->next); |
188 |
pos = pos->next; |
pos = pos->next; |
189 |
} |
} |
190 |
|
|
191 |
*app = node; |
*app = node; |
192 |
} |
} |
193 |
|
|
198 |
secmem_t *secmem_find(void *ptr) |
secmem_t *secmem_find(void *ptr) |
199 |
{ |
{ |
200 |
secmem_t *pos; |
secmem_t *pos; |
201 |
|
|
202 |
pos = smem; |
pos = smem; |
203 |
|
|
204 |
while(pos && pos->buf != ptr) |
while (pos && pos->buf != ptr) |
205 |
pos = pos->next; |
pos = pos->next; |
206 |
|
|
207 |
return pos; |
return pos; |
208 |
} |
} |
209 |
|
|
210 |
|
|
211 |
/* |
/* |
212 |
* Remove a record of a secure memory buffer. |
* Remove a record of a secure memory buffer. |
213 |
*/ |
*/ |
214 |
void secmem_remove(secmem_t *node) |
void secmem_remove(secmem_t * node) |
215 |
{ |
{ |
216 |
if (node->prev) |
if (node->prev) |
217 |
node->prev->next = node->next; |
node->prev->next = node->next; |
226 |
void secmem_clear(void) |
void secmem_clear(void) |
227 |
{ |
{ |
228 |
secmem_t *p; |
secmem_t *p; |
229 |
|
|
230 |
for (p = smem; p; p = p->next) |
for (p = smem; p; p = p->next) |
231 |
sfree(p); |
sfree(p); |
232 |
} |
} |
257 |
struct rlimit rl; |
struct rlimit rl; |
258 |
|
|
259 |
getrlimit(RLIMIT_CORE, &rl); |
getrlimit(RLIMIT_CORE, &rl); |
260 |
|
|
261 |
rl.rlim_cur = rl.rlim_max = 0; |
rl.rlim_cur = rl.rlim_max = 0; |
262 |
setrlimit(RLIMIT_CORE, &rl); |
setrlimit(RLIMIT_CORE, &rl); |
263 |
} |
} |