/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/mandos-client.c

  • Committer: Teddy Hogeborn
  • Date: 2016-03-17 20:40:55 UTC
  • Revision ID: teddy@recompile.se-20160317204055-bhsh5xsidq7w5cxu
Client: Fix plymouth agent; broken since 1.7.2.

Fix an very old memory bug in the plymouth agent (which has been
present since its apperance in version 1.2), but which was only
recently detected at run time due to the new -fsanitize=address
compile- time flag, which has been used since version 1.7.2.  This
detection of a memory access violation causes the program to abort,
making the Plymouth graphical boot system unable to accept interactive
input of passwords when using the Mandos client.

* plugins.d/plymouth.c (exec_and_wait): Fix memory allocation bug when
  allocating new_argv.  Also tolerate a zero-length argv.

Show diffs side-by-side

added added

removed removed

Lines of Context:
plugins.d/mandos-client.c
47
47
                                   strtof(), abort() */
48
48
#include <stdbool.h>            /* bool, false, true */
49
49
#include <string.h>             /* strcmp(), strlen(), strerror(),
50
 
                                   asprintf(), strncpy(), strsignal()
51
 
                                */
 
50
                                   asprintf(), strncpy() */
52
51
#include <sys/ioctl.h>          /* ioctl */
53
52
#include <sys/types.h>          /* socket(), inet_pton(), sockaddr,
54
53
                                   sockaddr_in6, PF_INET6,
1238
1237
           with an explicit route added with the server's address.
1239
1238
           
1240
1239
           Avahi bug reference:
1241
 
           https://lists.freedesktop.org/archives/avahi/2010-February/001833.html
 
1240
           http://lists.freedesktop.org/archives/avahi/2010-February/001833.html
1242
1241
           https://bugs.debian.org/587961
1243
1242
        */
1244
1243
        if(debug){
1424
1423
                                               &decrypted_buffer, mc);
1425
1424
    if(decrypted_buffer_size >= 0){
1426
1425
      
1427
 
      clearerr(stdout);
1428
1426
      written = 0;
1429
1427
      while(written < (size_t) decrypted_buffer_size){
1430
1428
        if(quit_now){
1446
1444
        }
1447
1445
        written += (size_t)ret;
1448
1446
      }
1449
 
      ret = fflush(stdout);
1450
 
      if(ret != 0){
1451
 
        int e = errno;
1452
 
        if(debug){
1453
 
          fprintf_plus(stderr, "Error writing encrypted data: %s\n",
1454
 
                       strerror(errno));
1455
 
        }
1456
 
        errno = e;
1457
 
        goto mandos_end;
1458
 
      }
1459
1447
      retval = 0;
1460
1448
    }
1461
1449
  }
2497
2485
  
2498
2486
  {
2499
2487
    /* Work around Debian bug #633582:
2500
 
       <https://bugs.debian.org/633582> */
 
2488
       <http://bugs.debian.org/633582> */
2501
2489
    
2502
2490
    /* Re-raise privileges */
2503
2491
    ret = raise_privileges();
2958
2946
 end:
2959
2947
  
2960
2948
  if(debug){
2961
 
    if(signal_received){
2962
 
      fprintf_plus(stderr, "%s exiting due to signal %d: %s\n",
2963
 
                   argv[0], signal_received,
2964
 
                   strsignal(signal_received));
2965
 
    } else {
2966
 
      fprintf_plus(stderr, "%s exiting\n", argv[0]);
2967
 
    }
 
2949
    fprintf_plus(stderr, "%s exiting\n", argv[0]);
2968
2950
  }
2969
2951
  
2970
2952
  /* Cleanup things */