The branch, master has been updated via f9c15350998 lib:util: Use memset_s() in data_blob_clear() via 39bff1f90b9 libcli:smb: Avoid explicit ZERO_STRUCT via 6b2c6c0e56b libcli:auth: Use C99 initializers or ZERO_ARRAY instead of ZERO_STRUCT via 161d14f2009 lib:util: Sync memory.h with replace.h via e99ca99dfed lib:util: Cleanup comments in memory.h via 3611f18f136 replace: Use memset_s for ZERO_* macros via 255117a14f1 replace: Cleanup comments for ZERO_* via 9968217b880 replace: Add memset_s to replacement functions via 7eaa59686bb wafsamba: Do not remove BUILTINS as duplicates via 7a35a6874ad waf: Add missing libreplace deps to pyldb* from 63dc60767eb s3:auth_winbind: ignore a missing winbindd as NT4 PDC/BDC without trusts
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit f9c15350998bfcb9e71d3ab225c525c7cf589fca Author: Andreas Schneider <a...@samba.org> Date: Tue Dec 11 14:31:26 2018 +0100 lib:util: Use memset_s() in data_blob_clear() Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> Autobuild-User(master): Andrew Bartlett <abart...@samba.org> Autobuild-Date(master): Thu Dec 20 16:11:03 CET 2018 on sn-devel-144 commit 39bff1f90b9bdae02986fad10bd44384447bece9 Author: Andreas Schneider <a...@samba.org> Date: Thu Oct 18 11:26:44 2018 +0200 libcli:smb: Avoid explicit ZERO_STRUCT Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 6b2c6c0e56b048e29d97e7efe535ba56b41b10b5 Author: Andreas Schneider <a...@samba.org> Date: Mon Dec 3 15:42:03 2018 +0100 libcli:auth: Use C99 initializers or ZERO_ARRAY instead of ZERO_STRUCT ZERO_STRUCT is not wrong here, it will give the same result, but better use macros with correct naming as it makes clear what happens when you read the code. Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 161d14f200933855ccd3b12ff228079333bc72f7 Author: Andreas Schneider <a...@samba.org> Date: Mon Dec 3 15:37:03 2018 +0100 lib:util: Sync memory.h with replace.h We can't remove memory.h as this is a public header file. So we need to duplicate them from replace.h Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit e99ca99dfed85bdc5c2206f59aec3782f4f5a62b Author: Andreas Schneider <a...@samba.org> Date: Mon Dec 3 15:35:58 2018 +0100 lib:util: Cleanup comments in memory.h Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 3611f18f136b14833cc650856c8d86904299eb5a Author: Andreas Schneider <a...@samba.org> Date: Mon Dec 3 15:31:30 2018 +0100 replace: Use memset_s for ZERO_* macros Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 255117a14f117fa91fc68bf349962e3235a96acf Author: Andreas Schneider <a...@samba.org> Date: Mon Dec 3 15:27:32 2018 +0100 replace: Cleanup comments for ZERO_* Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 9968217b88016c223ecae64f6790d6cfaa4bd340 Author: Andreas Schneider <a...@samba.org> Date: Tue Dec 11 18:09:14 2018 +0100 replace: Add memset_s to replacement functions Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 7eaa59686bb9707678d3dba2f8e9565b91256235 Author: Andreas Schneider <a...@samba.org> Date: Mon Dec 17 21:40:55 2018 +0100 wafsamba: Do not remove BUILTINS as duplicates BUILTINS add object files to the target, so we can't remove them as duplicates. The issue e.g happens when tevent wants to link libreplace: 20:04:10 deps removing dups from tevent of type LIBRARY: {'replace'} also in LIBRARY talloc Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Alexander Bokovoy <a...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> commit 7a35a6874add19277647fff70c0d730ef1efa85a Author: Andreas Schneider <a...@samba.org> Date: Wed Dec 19 09:34:12 2018 +0100 waf: Add missing libreplace deps to pyldb* This will require memset_s() because of a later commit moving ZERO_STRUCT to use memset_s(). Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Alexander Bokovoy <a...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> ----------------------------------------------------------------------- Summary of changes: buildtools/wafsamba/samba_deps.py | 5 ++++ lib/ldb/wscript | 4 ++-- lib/replace/README | 1 + lib/replace/replace.h | 36 ++++++++++++++++------------ lib/replace/wscript | 2 +- lib/util/data_blob.c | 2 +- lib/util/memory.h | 50 ++++++++++++++++++++++----------------- libcli/auth/credentials.c | 15 +++++------- libcli/smb/smb2_signing.c | 6 ++--- 9 files changed, 67 insertions(+), 54 deletions(-) Changeset truncated at 500 lines: diff --git a/buildtools/wafsamba/samba_deps.py b/buildtools/wafsamba/samba_deps.py index d6b7c0f88d6..f8c38809bd2 100644 --- a/buildtools/wafsamba/samba_deps.py +++ b/buildtools/wafsamba/samba_deps.py @@ -719,6 +719,11 @@ def reduce_objects(bld, tgt_list): if t.sname in rely_on: dup = dup.difference(rely_on[t.sname]) if dup: + # Do not remove duplicates of BUILTINS + d = next(iter(dup)) + if BUILTIN_LIBRARY(bld, d): + continue + debug('deps: removing dups from %s of type %s: %s also in %s %s', t.sname, t.samba_type, dup, t2.samba_type, l) new = new.difference(dup) diff --git a/lib/ldb/wscript b/lib/ldb/wscript index 49517d2770d..037245f0877 100644 --- a/lib/ldb/wscript +++ b/lib/ldb/wscript @@ -248,7 +248,7 @@ def build(bld): name = bld.pyembed_libname('pyldb-util') bld.SAMBA_LIBRARY(name, - deps='ldb', + deps='replace ldb', source='pyldb_util.c', public_headers=('' if private_library else 'pyldb.h'), public_headers_install=not private_library, @@ -262,7 +262,7 @@ def build(bld): if not bld.CONFIG_SET('USING_SYSTEM_LDB'): bld.SAMBA_PYTHON('pyldb', 'pyldb.c', - deps='ldb ' + name, + deps='replace ldb ' + name, realname='ldb.so', cflags='-DPACKAGE_VERSION=\"%s\"' % VERSION) diff --git a/lib/replace/README b/lib/replace/README index 9dd4f7305f3..6612eabd22a 100644 --- a/lib/replace/README +++ b/lib/replace/README @@ -73,6 +73,7 @@ symlink realpath poll setproctitle +memset_s Types: bool diff --git a/lib/replace/replace.h b/lib/replace/replace.h index c66720b1765..76898f013f8 100644 --- a/lib/replace/replace.h +++ b/lib/replace/replace.h @@ -805,32 +805,38 @@ typedef unsigned long long ptrdiff_t ; #define __location__ __FILE__ ":" __LINESTR__ #endif -/** - * zero a structure +/** + * Zero a structure. */ -#define ZERO_STRUCT(x) memset((char *)&(x), 0, sizeof(x)) +#define ZERO_STRUCT(x) memset_s((char *)&(x), sizeof(x), 0, sizeof(x)) -/** - * zero a structure given a pointer to the structure +/** + * Zero a structure given a pointer to the structure. */ -#define ZERO_STRUCTP(x) do { if ((x) != NULL) memset((char *)(x), 0, sizeof(*(x))); } while(0) +#define ZERO_STRUCTP(x) do { \ + if ((x) != NULL) { \ + memset_s((char *)(x), sizeof(*(x)), 0, sizeof(*(x))); \ + } \ +} while(0) -/** - * zero a structure given a pointer to the structure - no zero check +/** + * Zero a structure given a pointer to the structure - no zero check */ -#define ZERO_STRUCTPN(x) memset((char *)(x), 0, sizeof(*(x))) +#define ZERO_STRUCTPN(x) memset_s((char *)(x), sizeof(*(x)), 0, sizeof(*(x))) -/* zero an array - note that sizeof(array) must work - ie. it must not be a - pointer */ -#define ZERO_ARRAY(x) memset((char *)(x), 0, sizeof(x)) +/** + * Zero an array - note that sizeof(array) must work - ie. it must not be a + * pointer + */ +#define ZERO_ARRAY(x) memset_s((char *)(x), sizeof(x), 0, sizeof(x)) /** - * work out how many elements there are in a static array + * Work out how many elements there are in a static array. */ #define ARRAY_SIZE(a) (sizeof(a)/sizeof(a[0])) -/** - * pointer difference macro +/** + * Pointer difference macro */ #define PTR_DIFF(p1,p2) ((ptrdiff_t)(((const char *)(p1)) - (const char *)(p2))) diff --git a/lib/replace/wscript b/lib/replace/wscript index 173d7e6d29a..6cbae932b20 100644 --- a/lib/replace/wscript +++ b/lib/replace/wscript @@ -791,7 +791,7 @@ REPLACEMENT_FUNCTIONS = { 'utime', 'utimes', 'dup2', 'chown', 'link', 'readlink', 'symlink', 'lchown', 'realpath', 'memmem', 'vdprintf', 'dprintf', 'get_current_dir_name', - 'strerror_r', 'clock_gettime'], + 'strerror_r', 'clock_gettime', 'memset_s'], 'timegm.c': ['timegm'], # Note: C99_VSNPRINTF is not a function, but a special condition # for replacement diff --git a/lib/util/data_blob.c b/lib/util/data_blob.c index 4723669858c..6dc58c495db 100644 --- a/lib/util/data_blob.c +++ b/lib/util/data_blob.c @@ -94,7 +94,7 @@ clear a DATA_BLOB's contents _PUBLIC_ void data_blob_clear(DATA_BLOB *d) { if (d->data) { - memset(d->data, 0, d->length); + memset_s(d->data, d->length, 0, d->length); } } diff --git a/lib/util/memory.h b/lib/util/memory.h index 099dfbb694e..3278f6b3c21 100644 --- a/lib/util/memory.h +++ b/lib/util/memory.h @@ -1,19 +1,19 @@ -/* +/* Unix SMB/CIFS implementation. Samba utility functions Copyright (C) Andrew Tridgell 1992-1999 Copyright (C) Jelmer Vernooij <jel...@samba.org> 2008 - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @@ -31,8 +31,8 @@ #define SAFE_FREE(x) do { if ((x) != NULL) {free(x); (x)=NULL;} } while(0) #endif -/** - * Type-safe version of malloc. Allocated one copy of the +/** + * Type-safe version of malloc. Allocated one copy of the * specified data type. */ #define malloc_p(type) (type *)malloc(sizeof(type)) @@ -42,47 +42,53 @@ */ #define malloc_array_p(type, count) (type *)realloc_array(NULL, sizeof(type), count, false) -/** +/** * Resize an array of elements of one data type. Does type-checking. */ #define realloc_p(p, type, count) (type *)realloc_array(p, sizeof(type), count, false) -/** - * zero a structure +/** + * Zero a structure. */ #ifndef ZERO_STRUCT -#define ZERO_STRUCT(x) memset((char *)&(x), 0, sizeof(x)) +#define ZERO_STRUCT(x) memset_s((char *)&(x), sizeof(x), 0, sizeof(x)) #endif -/** - * zero a structure given a pointer to the structure +/** + * Zero a structure given a pointer to the structure. */ #ifndef ZERO_STRUCTP -#define ZERO_STRUCTP(x) do { if ((x) != NULL) memset((char *)(x), 0, sizeof(*(x))); } while(0) +#define ZERO_STRUCTP(x) do { \ + if ((x) != NULL) { \ + memset_s((char *)(x), sizeof(*(x)), 0, sizeof(*(x))); \ + } \ +} while(0) #endif -/** - * zero a structure given a pointer to the structure - no zero check +/** + * Zero a structure given a pointer to the structure - no zero check. */ #ifndef ZERO_STRUCTPN -#define ZERO_STRUCTPN(x) memset((char *)(x), 0, sizeof(*(x))) +#define ZERO_STRUCTPN(x) memset_s((char *)(x), sizeof(*(x)), 0, sizeof(*(x))) #endif -/* zero an array - note that sizeof(array) must work - ie. it must not be a - pointer */ +/** + * Zero an array - note that sizeof(array) must work - ie. it must not be a + * pointer. + */ #ifndef ZERO_ARRAY -#define ZERO_ARRAY(x) memset((char *)(x), 0, sizeof(x)) +#define ZERO_ARRAY(x) memset_s((char *)(x), sizeof(x), 0, sizeof(x)) #endif /** - * work out how many elements there are in a static array + * Work out how many elements there are in a static array */ #ifndef ARRAY_SIZE #define ARRAY_SIZE(a) (sizeof(a)/sizeof(a[0])) #endif -/** - * pointer difference macro +/** + * Pointer difference macro. */ #ifndef PTR_DIFF #define PTR_DIFF(p1,p2) ((ptrdiff_t)(((const char *)(p1)) - (const char *)(p2))) diff --git a/libcli/auth/credentials.c b/libcli/auth/credentials.c index acf88c923aa..b6c8ba281ba 100644 --- a/libcli/auth/credentials.c +++ b/libcli/auth/credentials.c @@ -32,10 +32,9 @@ static void netlogon_creds_step_crypt(struct netlogon_creds_CredentialState *cre { if (creds->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) { AES_KEY key; - uint8_t iv[AES_BLOCK_SIZE]; + uint8_t iv[AES_BLOCK_SIZE] = {0}; AES_set_encrypt_key(creds->session_key, 128, &key); - ZERO_STRUCT(iv); aes_cfb8_encrypt(in->data, out->data, 8, &key, iv, AES_ENCRYPT); } else { @@ -62,7 +61,7 @@ static void netlogon_creds_init_64bit(struct netlogon_creds_CredentialState *cre SIVAL(sum2,0,sum[0]); SIVAL(sum2,4,sum[1]); - ZERO_STRUCT(creds->session_key); + ZERO_ARRAY(creds->session_key); des_crypt128(creds->session_key, sum2, machine_password->hash); } @@ -81,7 +80,7 @@ static void netlogon_creds_init_128bit(struct netlogon_creds_CredentialState *cr HMACMD5Context ctx; MD5_CTX md5; - ZERO_STRUCT(creds->session_key); + ZERO_ARRAY(creds->session_key); memset(zero, 0, sizeof(zero)); @@ -108,7 +107,7 @@ static void netlogon_creds_init_hmac_sha256(struct netlogon_creds_CredentialStat struct HMACSHA256Context ctx; uint8_t digest[SHA256_DIGEST_LENGTH]; - ZERO_STRUCT(creds->session_key); + ZERO_ARRAY(creds->session_key); hmac_sha256_init(machine_password->hash, sizeof(machine_password->hash), @@ -228,10 +227,9 @@ void netlogon_creds_arcfour_crypt(struct netlogon_creds_CredentialState *creds, void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len) { AES_KEY key; - uint8_t iv[AES_BLOCK_SIZE]; + uint8_t iv[AES_BLOCK_SIZE] = {0}; AES_set_encrypt_key(creds->session_key, 128, &key); - ZERO_STRUCT(iv); aes_cfb8_encrypt(data, data, len, &key, iv, AES_ENCRYPT); } @@ -242,10 +240,9 @@ void netlogon_creds_aes_encrypt(struct netlogon_creds_CredentialState *creds, ui void netlogon_creds_aes_decrypt(struct netlogon_creds_CredentialState *creds, uint8_t *data, size_t len) { AES_KEY key; - uint8_t iv[AES_BLOCK_SIZE]; + uint8_t iv[AES_BLOCK_SIZE] = {0}; AES_set_encrypt_key(creds->session_key, 128, &key); - ZERO_STRUCT(iv); aes_cfb8_encrypt(data, data, len, &key, iv, AES_DECRYPT); } diff --git a/libcli/smb/smb2_signing.c b/libcli/smb/smb2_signing.c index 90d80cc9ba0..614a2b32dc0 100644 --- a/libcli/smb/smb2_signing.c +++ b/libcli/smb/smb2_signing.c @@ -65,9 +65,8 @@ NTSTATUS smb2_signing_sign_pdu(DATA_BLOB signing_key, if (protocol >= PROTOCOL_SMB2_24) { struct aes_cmac_128_context ctx; - uint8_t key[AES_BLOCK_SIZE]; + uint8_t key[AES_BLOCK_SIZE] = {0}; - ZERO_STRUCT(key); memcpy(key, signing_key.data, MIN(signing_key.length, 16)); aes_cmac_128_init(&ctx, key); @@ -137,9 +136,8 @@ NTSTATUS smb2_signing_check_pdu(DATA_BLOB signing_key, if (protocol >= PROTOCOL_SMB2_24) { struct aes_cmac_128_context ctx; - uint8_t key[AES_BLOCK_SIZE]; + uint8_t key[AES_BLOCK_SIZE] = {0}; - ZERO_STRUCT(key); memcpy(key, signing_key.data, MIN(signing_key.length, 16)); aes_cmac_128_init(&ctx, key); -- Samba Shared Repository