Merge into trunk : rewrap-passphrase-cleanups : Code : eCryptfs

Status:	Merged
Approved by:	Colin Ian King on 2013-06-28
Approved revision:	782
Merged at revision:	779
Proposed branch:	lp:~tyhicks/ecryptfs/rewrap-passphrase-cleanups
Merge into:	lp:ecryptfs
Diff against target:	65 lines (+19/-6) 2 files modified debian/changelog (+5/-0) src/utils/ecryptfs_rewrap_passphrase.c (+14/-6)
To merge this branch:	bzr merge lp:~tyhicks/ecryptfs/rewrap-passphrase-cleanups
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
eCryptfs		2013-06-27	Pending
Review via email: mp+171912@code.launchpad.net

Description of the change

Fixes minor segfault in ecryptfs-rewrap-passphrase, as well as a bit of cleanup.

Revision history for this message

Dustin Kirkland  (kirkland) wrote on 2013-06-28:

#

Download full text (3.8 KiB)

Review: Approve
On Jun 27, 2013 2:58 PM, "Tyler Hicks" <email address hidden> wrote:

> Tyler Hicks has proposed merging
> lp:~tyhicks/ecryptfs/rewrap-passphrase-cleanups into lp:ecryptfs.
>
> Requested reviews:
> eCryptfs (ecryptfs)
>
> For more details, see:
>
> https://code.launchpad.net/~tyhicks/ecryptfs/rewrap-passphrase-cleanups/+merge/171912
>
> Fixes minor segfault in ecryptfs-rewrap-passphrase, as well as a bit of
> cleanup.
> --
>
> https://code.launchpad.net/~tyhicks/ecryptfs/rewrap-passphrase-cleanups/+merge/171912
> Your team eCryptfs is requested to review the proposed merge of
> lp:~tyhicks/ecryptfs/rewrap-passphrase-cleanups into lp:ecryptfs.
>
> === modified file 'debian/changelog'
> --- debian/changelog 2013-06-08 01:37:48 +0000
> +++ debian/changelog 2013-06-27 20:57:33 +0000
> @@ -21,6 +21,11 @@
> - adjust man page text to avoid confusion about whether the
> interactive
> mount helper takes a capital 'N' for the answer to y/n questions
> (LP: #1130460)
> + * src/utils/ecryptfs_rewrap_passphrase.c:
> + - Handle errors when interactively reading the new wrapping passphrase
> + and the confirmation from stdin. Fixes a segfault (invalid memory
> read)
> + in ecryptfs-rewrap-passphrase if there was an error while reading
> either
> + of these passphrases.
>
> [ Dustin Kirkland ]
> * src/utils/ecryptfs-setup-swap: LP: #1172014
>
> === modified file 'src/utils/ecryptfs_rewrap_passphrase.c'
> --- src/utils/ecryptfs_rewrap_passphrase.c 2011-12-13 20:51:40 +0000
> +++ src/utils/ecryptfs_rewrap_passphrase.c 2013-06-27 20:57:33 +0000
> @@ -42,12 +42,13 @@
> char passphrase[ECRYPTFS_MAX_PASSWORD_LENGTH + 1];
> char *old_wrapping_passphrase;
> char *new_wrapping_passphrase;
> - char *new_wrapping_passphrase2;
> char salt[ECRYPTFS_SALT_SIZE];
> char salt_hex[ECRYPTFS_SALT_SIZE_HEX];
> int rc = 0;
>
> if (argc == 2) {
> + char *new_wrapping_passphrase2;
> +
> /* interactive mode */
> old_wrapping_passphrase =
> ecryptfs_get_passphrase("Old wrapping passphrase");
> @@ -55,10 +56,17 @@
> ecryptfs_get_passphrase("New wrapping passphrase");
> new_wrapping_passphrase2 =
> ecryptfs_get_passphrase("New wrapping passphrase
> (again)");
> - if (
> - strlen(new_wrapping_passphrase) !=
> strlen(new_wrapping_passphrase2) ||
> - strncmp(new_wrapping_passphrase,
> new_wrapping_passphrase2, strlen(new_wrapping_passphrase))!=0
> - ) {
> +
> + if (!new_wrapping_passphrase) {
> + fprintf(stderr, "Failed to read new wrapping
> passphrase\n");
> + rc = 1;
> + goto out;
> + } else if (!new_wrapping_passphrase2) {
> + fprintf(stderr, "Failed to read new wrapping
> passphrase confirmation\n");
> + rc = 1;
> + goto out;
> + } else if (strcmp(new_wrapping_passphrase,
> + ...

Review: Approve
On Jun 27, 2013 2:58 PM, "Tyler Hicks" <tyhicks@canonical.com> wrote:

> Tyler Hicks has proposed merging
> lp:~tyhicks/ecryptfs/rewrap-passphrase-cleanups into lp:ecryptfs.
>
> Requested reviews:
>   eCryptfs (ecryptfs)
>
> For more details, see:
>
> https://code.launchpad.net/~tyhicks/ecryptfs/rewrap-passphrase-cleanups/+merge/171912
>
> Fixes minor segfault in ecryptfs-rewrap-passphrase, as well as a bit of
> cleanup.
> --
>
> https://code.launchpad.net/~tyhicks/ecryptfs/rewrap-passphrase-cleanups/+merge/171912
> Your team eCryptfs is requested to review the proposed merge of
> lp:~tyhicks/ecryptfs/rewrap-passphrase-cleanups into lp:ecryptfs.
>
> === modified file 'debian/changelog'
> --- debian/changelog    2013-06-08 01:37:48 +0000
> +++ debian/changelog    2013-06-27 20:57:33 +0000
> @@ -21,6 +21,11 @@
>      - adjust man page text to avoid confusion about whether the
> interactive
>        mount helper takes a capital 'N' for the answer to y/n questions
>        (LP: #1130460)
> +  * src/utils/ecryptfs_rewrap_passphrase.c:
> +    - Handle errors when interactively reading the new wrapping passphrase
> +      and the confirmation from stdin. Fixes a segfault (invalid memory
> read)
> +      in ecryptfs-rewrap-passphrase if there was an error while reading
> either
> +      of these passphrases.
>
>    [ Dustin Kirkland ]
>    * src/utils/ecryptfs-setup-swap: LP: #1172014
>
> === modified file 'src/utils/ecryptfs_rewrap_passphrase.c'
> --- src/utils/ecryptfs_rewrap_passphrase.c      2011-12-13 20:51:40 +0000
> +++ src/utils/ecryptfs_rewrap_passphrase.c      2013-06-27 20:57:33 +0000
> @@ -42,12 +42,13 @@
>         char passphrase[ECRYPTFS_MAX_PASSWORD_LENGTH + 1];
>         char *old_wrapping_passphrase;
>         char *new_wrapping_passphrase;
> -       char *new_wrapping_passphrase2;
>         char salt[ECRYPTFS_SALT_SIZE];
>         char salt_hex[ECRYPTFS_SALT_SIZE_HEX];
>         int rc = 0;
>
>         if (argc == 2) {
> +               char *new_wrapping_passphrase2;
> +
>                 /* interactive mode */
>                 old_wrapping_passphrase =
>                         ecryptfs_get_passphrase("Old wrapping passphrase");
> @@ -55,10 +56,17 @@
>                         ecryptfs_get_passphrase("New wrapping passphrase");
>                 new_wrapping_passphrase2 =
>                         ecryptfs_get_passphrase("New wrapping passphrase
> (again)");
> -               if (
> -                   strlen(new_wrapping_passphrase) !=
> strlen(new_wrapping_passphrase2) ||
> -                   strncmp(new_wrapping_passphrase,
> new_wrapping_passphrase2, strlen(new_wrapping_passphrase))!=0
> -                  ) {
> +
> +               if (!new_wrapping_passphrase) {
> +                       fprintf(stderr, "Failed to read new wrapping
> passphrase\n");
> +                       rc = 1;
> +                       goto out;
> +               } else if (!new_wrapping_passphrase2) {
> +                       fprintf(stderr, "Failed to read new wrapping
> passphrase confirmation\n");
> +                       rc = 1;
> +                       goto out;
> +               } else if (strcmp(new_wrapping_passphrase,
> +                                 new_wrapping_passphrase2)) {
>                         fprintf(stderr, "New wrapping passphrases do not
> match\n");
>                         rc = 1;
>                         goto out;
> @@ -76,7 +84,7 @@
>                 usage();
>                 goto out;
>         }
> -       if (old_wrapping_passphrase==NULL || new_wrapping_passphrase==NULL
> ||
> +       if (!old_wrapping_passphrase || !new_wrapping_passphrase ||
>             strlen(old_wrapping_passphrase) > ECRYPTFS_MAX_PASSWORD_LENGTH
> ||
>             strlen(new_wrapping_passphrase) >
> ECRYPTFS_MAX_PASSWORD_LENGTH) {
>                 usage();
>
>
>

eCryptfs

Merge lp:~tyhicks/ecryptfs/rewrap-passphrase-cleanups into lp:ecryptfs

Commit message

Description of the change

Preview Diff

Subscribers

1	=== modified file 'debian/changelog'
2	--- debian/changelog 2013-06-08 01:37:48 +0000
3	+++ debian/changelog 2013-06-27 20:57:33 +0000
4	@@ -21,6 +21,11 @@
5	- adjust man page text to avoid confusion about whether the interactive
6	mount helper takes a capital 'N' for the answer to y/n questions
7	(LP: #1130460)
8	+ * src/utils/ecryptfs_rewrap_passphrase.c:
9	+ - Handle errors when interactively reading the new wrapping passphrase
10	+ and the confirmation from stdin. Fixes a segfault (invalid memory read)
11	+ in ecryptfs-rewrap-passphrase if there was an error while reading either
12	+ of these passphrases.
13
14	[ Dustin Kirkland ]
15	* src/utils/ecryptfs-setup-swap: LP: #1172014
16
17	=== modified file 'src/utils/ecryptfs_rewrap_passphrase.c'
18	--- src/utils/ecryptfs_rewrap_passphrase.c 2011-12-13 20:51:40 +0000
19	+++ src/utils/ecryptfs_rewrap_passphrase.c 2013-06-27 20:57:33 +0000
20	@@ -42,12 +42,13 @@
21	char passphrase[ECRYPTFS_MAX_PASSWORD_LENGTH + 1];
22	char *old_wrapping_passphrase;
23	char *new_wrapping_passphrase;
24	- char *new_wrapping_passphrase2;
25	char salt[ECRYPTFS_SALT_SIZE];
26	char salt_hex[ECRYPTFS_SALT_SIZE_HEX];
27	int rc = 0;
28
29	if (argc == 2) {
30	+ char *new_wrapping_passphrase2;
31	+
32	/* interactive mode */
33	old_wrapping_passphrase =
34	ecryptfs_get_passphrase("Old wrapping passphrase");
35	@@ -55,10 +56,17 @@
36	ecryptfs_get_passphrase("New wrapping passphrase");
37	new_wrapping_passphrase2 =
38	ecryptfs_get_passphrase("New wrapping passphrase (again)");
39	- if (
40	- strlen(new_wrapping_passphrase) != strlen(new_wrapping_passphrase2) \|\|
41	- strncmp(new_wrapping_passphrase, new_wrapping_passphrase2, strlen(new_wrapping_passphrase))!=0
42	- ) {
43	+
44	+ if (!new_wrapping_passphrase) {
45	+ fprintf(stderr, "Failed to read new wrapping passphrase\n");
46	+ rc = 1;
47	+ goto out;
48	+ } else if (!new_wrapping_passphrase2) {
49	+ fprintf(stderr, "Failed to read new wrapping passphrase confirmation\n");
50	+ rc = 1;
51	+ goto out;
52	+ } else if (strcmp(new_wrapping_passphrase,
53	+ new_wrapping_passphrase2)) {
54	fprintf(stderr, "New wrapping passphrases do not match\n");
55	rc = 1;
56	goto out;
57	@@ -76,7 +84,7 @@
58	usage();
59	goto out;
60	}
61	- if (old_wrapping_passphrase==NULL \|\| new_wrapping_passphrase==NULL \|\|
62	+ if (!old_wrapping_passphrase \|\| !new_wrapping_passphrase \|\|
63	strlen(old_wrapping_passphrase) > ECRYPTFS_MAX_PASSWORD_LENGTH \|\|
64	strlen(new_wrapping_passphrase) > ECRYPTFS_MAX_PASSWORD_LENGTH) {
65	usage();