github
/
putty
зеркало из https://github.com/github/putty.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Change sensitive strbufs/sgrowarrays to the new _nm version. 

The _nm strategy is slower, so I don't want to just change everything
over no matter what its contents. In this pass I've tried to catch
everything that holds the _really_ sensitive things like passwords,
private keys and session keys.
This commit is contained in:
Simon Tatham 2019-03-01 19:28:00 +00:00
Родитель a7abc7c867
Коммит bde7b6b158
18 изменённых файлов: 53 добавлений и 53 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

30
import.c
Просмотреть файл

@ -313,7 +313,7 @@ static struct openssh_pem_key *load_openssh_pem_key(const Filename *filename,
int base64_chars = 0;
ret = snew(struct openssh_pem_key);
ret->keyblob = strbuf_new();
ret->keyblob = strbuf_new_nm();
fp = f_open(filename, "r", false);
if (!fp) {
@ -535,7 +535,7 @@ static ssh2_userkey *openssh_pem_read(
int i, num_integers;
ssh2_userkey *retval = NULL;
const char *errmsg;
strbuf *blob = strbuf_new();
strbuf *blob = strbuf_new_nm();
int privptr = 0, publen;
if (!key)
@ -794,11 +794,11 @@ static bool openssh_pem_write(
*/
pubblob = strbuf_new();
ssh_key_public_blob(key->key, BinarySink_UPCAST(pubblob));
privblob = strbuf_new();
privblob = strbuf_new_nm();
ssh_key_private_blob(key->key, BinarySink_UPCAST(privblob));
spareblob = NULL;
outblob = strbuf_new();
outblob = strbuf_new_nm();
/*
* Encode the OpenSSH key blob, and also decide on the header
@ -903,7 +903,7 @@ static bool openssh_pem_write(
footer = "-----END DSA PRIVATE KEY-----\n";
}
seq = strbuf_new();
seq = strbuf_new_nm();
for (i = 0; i < nnumbers; i++) {
put_ber_id_len(seq, 2, numbers[i].len, 0);
put_datapl(seq, numbers[i]);
@ -933,7 +933,7 @@ static bool openssh_pem_write(
oid = ec_alg_oid(ssh_key_alg(key->key), &oidlen);
pointlen = (ec->curve->fieldBits + 7) / 8 * 2;
seq = strbuf_new();
seq = strbuf_new_nm();
/* INTEGER 1 */
put_ber_id_len(seq, 2, 1, 0);
@ -1102,7 +1102,7 @@ static struct openssh_new_key *load_openssh_new_key(const Filename *filename,
unsigned key_index;
ret = snew(struct openssh_new_key);
ret->keyblob = strbuf_new();
ret->keyblob = strbuf_new_nm();
fp = f_open(filename, "r", false);
if (!fp) {
@ -1493,13 +1493,13 @@ static bool openssh_new_write(
*/
pubblob = strbuf_new();
ssh_key_public_blob(key->key, BinarySink_UPCAST(pubblob));
privblob = strbuf_new();
privblob = strbuf_new_nm();
ssh_key_openssh_blob(key->key, BinarySink_UPCAST(privblob));
/*
* Construct the cleartext version of the blob.
*/
cblob = strbuf_new();
cblob = strbuf_new_nm();
/* Magic number. */
put_asciz(cblob, "openssh-key-v1");
@ -1516,7 +1516,7 @@ static bool openssh_new_write(
random_read(bcrypt_salt, sizeof(bcrypt_salt));
put_stringz(cblob, "aes256-ctr");
put_stringz(cblob, "bcrypt");
substr = strbuf_new();
substr = strbuf_new_nm();
put_string(substr, bcrypt_salt, sizeof(bcrypt_salt));
put_uint32(substr, bcrypt_rounds);
put_stringsb(cblob, substr);
@ -1530,7 +1530,7 @@ static bool openssh_new_write(
/* Private section. */
{
strbuf *cpblob = strbuf_new();
strbuf *cpblob = strbuf_new_nm();
/* checkint. */
uint8_t checkint_buf[4];
@ -1718,7 +1718,7 @@ static struct sshcom_key *load_sshcom_key(const Filename *filename,
ret = snew(struct sshcom_key);
ret->comment[0] = '\0';
ret->keyblob = strbuf_new();
ret->keyblob = strbuf_new_nm();
fp = f_open(filename, "r", false);
if (!fp) {
@ -2060,7 +2060,7 @@ static ssh2_userkey *sshcom_read(
* construct public and private blobs in our own format, and
* end up feeding them to ssh_key_new_priv().
*/
blob = strbuf_new();
blob = strbuf_new_nm();
if (type == RSA) {
ptrlen n, e, d, u, p, q;
@ -2157,7 +2157,7 @@ static bool sshcom_write(
*/
pubblob = strbuf_new();
ssh_key_public_blob(key->key, BinarySink_UPCAST(pubblob));
privblob = strbuf_new();
privblob = strbuf_new_nm();
ssh_key_private_blob(key->key, BinarySink_UPCAST(privblob));
outblob = NULL;
@ -2225,7 +2225,7 @@ static bool sshcom_write(
goto error; /* unsupported key type */
}
outblob = strbuf_new();
outblob = strbuf_new_nm();
/*
* Create the unencrypted key blob.

2
proxy.c
Просмотреть файл

@ -1223,7 +1223,7 @@ int proxy_socks5_negotiate (ProxySocket *p, int change)
const char *username = conf_get_str(p->conf, CONF_proxy_username);
const char *password = conf_get_str(p->conf, CONF_proxy_password);
if (username[0] || password[0]) {
strbuf *auth = strbuf_new();
strbuf *auth = strbuf_new_nm();
put_byte(auth, 1); /* version number of subnegotiation */
if (!put_pstring(auth, username)) {
p->error = "Proxy error: SOCKS 5 authentication cannot "

2
sesschan.c
Просмотреть файл

@ -384,7 +384,7 @@ bool sesschan_enable_x11_forwarding(
*/
if (authdata_hex.len % 2)
return false; /* expected an even number of digits */
authdata_bin = strbuf_new();
authdata_bin = strbuf_new_nm();
for (i = 0; i < authdata_hex.len; i += 2) {
const unsigned char *hex = authdata_hex.ptr;
char hexbuf[3];

2
sftpcommon.c
Просмотреть файл

@ -18,7 +18,7 @@ static void sftp_pkt_BinarySink_write(
assert(length <= 0xFFFFFFFFU - pkt->length);
sgrowarrayn(pkt->data, pkt->maxlen, pkt->length, length);
sgrowarrayn_nm(pkt->data, pkt->maxlen, pkt->length, length);
memcpy(pkt->data + pkt->length, data, length);
pkt->length += length;
}

2
ssh1login-server.c
Просмотреть файл

@ -204,7 +204,7 @@ static void ssh1_login_server_process_queue(PacketProtocolLayer *ppl)
{
RSAKey *smaller, *larger;
strbuf *data = strbuf_new();
strbuf *data = strbuf_new_nm();
if (mp_get_nbits(s->hostkey->modulus) >
mp_get_nbits(s->servkey->modulus)) {

4
ssh1login.c
Просмотреть файл

@ -984,7 +984,7 @@ static void ssh1_login_process_queue(PacketProtocolLayer *ppl)
put_stringz(pkt, s->cur_prompt->prompts[0]->result);
pq_push(s->ppl.out_pq, pkt);
} else {
strbuf *random_data = strbuf_new();
strbuf *random_data = strbuf_new_nm();
random_read(strbuf_append(random_data, i), i);
pkt = ssh_bpp_new_pktout(s->ppl.bpp, SSH1_MSG_IGNORE);
@ -1000,7 +1000,7 @@ static void ssh1_login_process_queue(PacketProtocolLayer *ppl)
* but can deal with padded passwords, so we
* can use the secondary defence.
*/
strbuf *padded_pw = strbuf_new();
strbuf *padded_pw = strbuf_new_nm();
ppl_logevent("Sending length-padded password");
pkt = ssh_bpp_new_pktout(s->ppl.bpp, s->pwpkt_type);

2
ssh2kex-client.c
Просмотреть файл

@ -565,7 +565,7 @@ void ssh2kex_coroutine(struct ssh2_transport_state *s, bool *aborted)
/*
* Encode this as an mpint.
*/
buf = strbuf_new();
buf = strbuf_new_nm();
put_mp_ssh2(buf, s->K);
/*

12
ssh2transport.c
Просмотреть файл

@ -1283,9 +1283,9 @@ static void ssh2_transport_process_queue(PacketProtocolLayer *ppl)
* session keys.
*/
{
strbuf *cipher_key = strbuf_new();
strbuf *cipher_iv = strbuf_new();
strbuf *mac_key = strbuf_new();
strbuf *cipher_key = strbuf_new_nm();
strbuf *cipher_iv = strbuf_new_nm();
strbuf *mac_key = strbuf_new_nm();
if (s->out.cipher) {
ssh2_mkkey(s, cipher_iv, s->K, s->exchange_hash,
@ -1338,9 +1338,9 @@ static void ssh2_transport_process_queue(PacketProtocolLayer *ppl)
* incoming session keys.
*/
{
strbuf *cipher_key = strbuf_new();
strbuf *cipher_iv = strbuf_new();
strbuf *mac_key = strbuf_new();
strbuf *cipher_key = strbuf_new_nm();
strbuf *cipher_iv = strbuf_new_nm();
strbuf *mac_key = strbuf_new_nm();
if (s->in.cipher) {
ssh2_mkkey(s, cipher_iv, s->K, s->exchange_hash,

2
sshcommon.c
Просмотреть файл

@ -232,7 +232,7 @@ PktOut *ssh_new_packet(void)
static void ssh_pkt_adddata(PktOut *pkt, const void *data, int len)
{
sgrowarrayn(pkt->data, pkt->maxlen, pkt->length, len);
sgrowarrayn_nm(pkt->data, pkt->maxlen, pkt->length, len);
memcpy(pkt->data + pkt->length, data, len);
pkt->length += len;
}

4
sshecc.c
Просмотреть файл

@ -770,7 +770,7 @@ static void eddsa_openssh_blob(ssh_key *key, BinarySink *bs)
put_epoint(pub_sb, ek->publicKey, ek->curve, false);
ptrlen pub = make_ptrlen(pub_sb->s + 4, pub_sb->len - 4);
strbuf *priv_sb = strbuf_new();
strbuf *priv_sb = strbuf_new_nm();
put_mp_le_unsigned(priv_sb, ek->privateKey);
ptrlen priv = make_ptrlen(priv_sb->s + 4, priv_sb->len - 4);
@ -1279,7 +1279,7 @@ static void ssh_ecdhkex_w_setup(ecdh_key *dh)
static void ssh_ecdhkex_m_setup(ecdh_key *dh)
{
strbuf *bytes = strbuf_new();
strbuf *bytes = strbuf_new_nm();
random_read(strbuf_append(bytes, dh->curve->fieldBytes),
dh->curve->fieldBytes);

2
sshhmac.c
Просмотреть файл

@ -110,7 +110,7 @@ static void hmac_key(ssh2_mac *mac, ptrlen key)
* the underlying hash, then we start by hashing the key, and
* use that hash as the 'true' key for the HMAC construction.
*/
sb = strbuf_new();
sb = strbuf_new_nm();
strbuf_append(sb, ctx->hashalg->hlen);
ssh_hash *htmp = ssh_hash_new(ctx->hashalg);

14
sshpubk.c
Просмотреть файл

@ -37,7 +37,7 @@ static int rsa_ssh1_load_main(FILE * fp, RSAKey *key, bool pub_only,
*error = NULL;
/* Slurp the whole file (minus the header) into a buffer. */
buf = strbuf_new();
buf = strbuf_new_nm();
{
int ch;
while ((ch = fgetc(fp)) != EOF)
@ -310,7 +310,7 @@ int rsa_ssh1_loadpub(const Filename *filename, BinarySink *bs,
bool rsa_ssh1_savekey(const Filename *filename, RSAKey *key,
char *passphrase)
{
strbuf *buf = strbuf_new();
strbuf *buf = strbuf_new_nm();
int estart;
FILE *fp;
@ -490,7 +490,7 @@ static bool read_header(FILE * fp, char *header)
static char *read_body(FILE * fp)
{
strbuf *buf = strbuf_new();
strbuf *buf = strbuf_new_nm();
while (1) {
int c = fgetc(fp);
@ -678,7 +678,7 @@ ssh2_userkey *ssh2_load_userkey(
goto error;
i = atoi(b);
sfree(b);
private_blob = strbuf_new();
private_blob = strbuf_new_nm();
if (!read_blob(fp, i, BinarySink_UPCAST(private_blob)))
goto error;
@ -728,7 +728,7 @@ ssh2_userkey *ssh2_load_userkey(
macdata = private_blob;
free_macdata = false;
} else {
macdata = strbuf_new();
macdata = strbuf_new_nm();
put_stringz(macdata, alg->ssh_id);
put_stringz(macdata, encryption);
put_stringz(macdata, comment);
@ -1236,7 +1236,7 @@ bool ssh2_save_userkey(
*/
pub_blob = strbuf_new();
ssh_key_public_blob(key->key, BinarySink_UPCAST(pub_blob));
priv_blob = strbuf_new();
priv_blob = strbuf_new_nm();
ssh_key_private_blob(key->key, BinarySink_UPCAST(priv_blob));
/*
@ -1267,7 +1267,7 @@ bool ssh2_save_userkey(
unsigned char mackey[20];
char header[] = "putty-private-key-file-mac-key";
macdata = strbuf_new();
macdata = strbuf_new_nm();
put_stringz(macdata, ssh_key_ssh_id(key->key));
put_stringz(macdata, cipherstr);
put_stringz(macdata, key->comment);

4
sshrsa.c
Просмотреть файл

@ -197,7 +197,7 @@ mp_int *rsa_ssh1_decrypt(mp_int *input, RSAKey *key)
bool rsa_ssh1_decrypt_pkcs1(mp_int *input, RSAKey *key,
strbuf *outbuf)
{
strbuf *data = strbuf_new();
strbuf *data = strbuf_new_nm();
bool success = false;
BinarySource src[1];
@ -872,7 +872,7 @@ strbuf *ssh_rsakex_encrypt(RSAKey *rsa, const ssh_hashalg *h, ptrlen in)
assert(in.len > 0 && in.len <= k - 2*HLEN - 2);
/* The length of the output data wants to be precisely k. */
strbuf *toret = strbuf_new();
strbuf *toret = strbuf_new_nm();
int outlen = k;
unsigned char *out = strbuf_append(toret, outlen);

8
sshshare.c
Просмотреть файл

@ -769,7 +769,7 @@ static void send_packet_to_downstream(struct ssh_sharing_connstate *cs,
int this_len = (data.len > chan->downstream_maxpkt ?
chan->downstream_maxpkt : data.len);
packet = strbuf_new();
packet = strbuf_new_nm();
put_uint32(packet, 0); /* placeholder for length field */
put_byte(packet, type);
put_uint32(packet, channel);
@ -785,7 +785,7 @@ static void send_packet_to_downstream(struct ssh_sharing_connstate *cs,
/*
* Just do the obvious thing.
*/
packet = strbuf_new();
packet = strbuf_new_nm();
put_uint32(packet, 0); /* placeholder for length field */
put_byte(packet, type);
put_data(packet, pkt, pktlen);
@ -1122,7 +1122,7 @@ void share_setup_x11_channel(ssh_sharing_connstate *cs, share_channel *chan,
chan->x11_auth_proto,
chan->x11_auth_data, chan->x11_auth_datalen,
peer_addr, peer_port, &greeting_len);
packet = strbuf_new();
packet = strbuf_new_nm();
put_uint32(packet, 0); /* leave the channel id field unfilled - we
* don't know the downstream id yet */
put_uint32(packet, greeting_len + initial_len);
@ -1691,7 +1691,7 @@ static void share_got_pkt_from_downstream(struct ssh_sharing_connstate *cs,
* containing our own auth data, and send that to the
* server.
*/
packet = strbuf_new();
packet = strbuf_new_nm();
put_uint32(packet, server_id);
put_stringz(packet, "x11-req");
put_bool(packet, want_reply);

4
sshzlib.c
Просмотреть файл

@ -615,7 +615,7 @@ void zlib_compress_block(ssh_compressor *sc,
bool in_block;
assert(!out->outbuf);
out->outbuf = strbuf_new();
out->outbuf = strbuf_new_nm();
/*
* If this is the first block, output the Zlib (RFC1950) header
@ -955,7 +955,7 @@ bool zlib_decompress_block(ssh_decompressor *dc,
};
assert(!dctx->outblk);
dctx->outblk = strbuf_new();
dctx->outblk = strbuf_new_nm();
while (len > 0 || dctx->nbits > 0) {
while (dctx->nbits < 24 && len > 0) {

2
telnet.c
Просмотреть файл

@ -506,7 +506,7 @@ static void process_subneg(Telnet *telnet)
static void do_telnet_read(Telnet *telnet, const char *buf, size_t len)
{
strbuf *outbuf = strbuf_new();
strbuf *outbuf = strbuf_new_nm();
while (len--) {
int c = (unsigned char) *buf++;

2
unix/ux_x11.c
Просмотреть файл

@ -58,7 +58,7 @@ int platform_make_x11_server(Plug *plug, const char *progname, int mindisp,
int displayno;
authfiledata = strbuf_new();
authfiledata = strbuf_new_nm();
int nsockets = 0;

8
utils.c
Просмотреть файл

@ -343,7 +343,7 @@ static char *dupvprintf_inner(char *buf, size_t oldlen, size_t *sizeptr,
size_t len, size;
size = *sizeptr;
sgrowarrayn(buf, size, oldlen, 512);
sgrowarrayn_nm(buf, size, oldlen, 512);
while (1) {
va_list aq;
@ -359,11 +359,11 @@ static char *dupvprintf_inner(char *buf, size_t oldlen, size_t *sizeptr,
} else if (len > 0) {
/* This is the C99 error condition: the returned length is
* the required buffer size not counting the NUL. */
sgrowarrayn(buf, size, oldlen, len + 1);
sgrowarrayn_nm(buf, size, oldlen, len + 1);
} else {
/* This is the pre-C99 glibc error condition: <0 means the
* buffer wasn't big enough, so we enlarge it a bit and hope. */
sgrowarray(buf, size, size);
sgrowarray_nm(buf, size, size);
}
}
}
@ -483,7 +483,7 @@ char *fgetline(FILE *fp)
len += strlen(ret + len);
if (len > 0 && ret[len-1] == '\n')
break; /* got a newline, we're done */
sgrowarrayn(ret, size, len, 512);
sgrowarrayn_nm(ret, size, len, 512);
}
if (len == 0) { /* first fgets returned NULL */
sfree(ret);