/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/mandos-client.c

  • Committer: Teddy Hogeborn
  • Date: 2016-03-17 20:40:55 UTC
  • Revision ID: teddy@recompile.se-20160317204055-bhsh5xsidq7w5cxu
Client: Fix plymouth agent; broken since 1.7.2.

Fix an very old memory bug in the plymouth agent (which has been
present since its apperance in version 1.2), but which was only
recently detected at run time due to the new -fsanitize=address
compile- time flag, which has been used since version 1.7.2.  This
detection of a memory access violation causes the program to abort,
making the Plymouth graphical boot system unable to accept interactive
input of passwords when using the Mandos client.

* plugins.d/plymouth.c (exec_and_wait): Fix memory allocation bug when
  allocating new_argv.  Also tolerate a zero-length argv.

Show diffs side-by-side

added added

removed removed

Lines of Context:
plugins.d/mandos-client.c
47
47
                                   strtof(), abort() */
48
48
#include <stdbool.h>            /* bool, false, true */
49
49
#include <string.h>             /* strcmp(), strlen(), strerror(),
50
 
                                   asprintf(), strncpy(), strsignal()
51
 
                                */
 
50
                                   asprintf(), strncpy() */
52
51
#include <sys/ioctl.h>          /* ioctl */
53
52
#include <sys/types.h>          /* socket(), inet_pton(), sockaddr,
54
53
                                   sockaddr_in6, PF_INET6,
626
625
                     safer_gnutls_strerror(ret));
627
626
        dhparamsfilename = NULL;
628
627
      }
629
 
      free(params.data);
630
628
    } while(false);
631
629
  }
632
630
  if(dhparamsfilename == NULL){
1239
1237
           with an explicit route added with the server's address.
1240
1238
           
1241
1239
           Avahi bug reference:
1242
 
           https://lists.freedesktop.org/archives/avahi/2010-February/001833.html
 
1240
           http://lists.freedesktop.org/archives/avahi/2010-February/001833.html
1243
1241
           https://bugs.debian.org/587961
1244
1242
        */
1245
1243
        if(debug){
1425
1423
                                               &decrypted_buffer, mc);
1426
1424
    if(decrypted_buffer_size >= 0){
1427
1425
      
1428
 
      clearerr(stdout);
1429
1426
      written = 0;
1430
1427
      while(written < (size_t) decrypted_buffer_size){
1431
1428
        if(quit_now){
1447
1444
        }
1448
1445
        written += (size_t)ret;
1449
1446
      }
1450
 
      ret = fflush(stdout);
1451
 
      if(ret != 0){
1452
 
        int e = errno;
1453
 
        if(debug){
1454
 
          fprintf_plus(stderr, "Error writing encrypted data: %s\n",
1455
 
                       strerror(errno));
1456
 
        }
1457
 
        errno = e;
1458
 
        goto mandos_end;
1459
 
      }
1460
1447
      retval = 0;
1461
1448
    }
1462
1449
  }
2498
2485
  
2499
2486
  {
2500
2487
    /* Work around Debian bug #633582:
2501
 
       <https://bugs.debian.org/633582> */
 
2488
       <http://bugs.debian.org/633582> */
2502
2489
    
2503
2490
    /* Re-raise privileges */
2504
2491
    ret = raise_privileges();
2959
2946
 end:
2960
2947
  
2961
2948
  if(debug){
2962
 
    if(signal_received){
2963
 
      fprintf_plus(stderr, "%s exiting due to signal %d: %s\n",
2964
 
                   argv[0], signal_received,
2965
 
                   strsignal(signal_received));
2966
 
    } else {
2967
 
      fprintf_plus(stderr, "%s exiting\n", argv[0]);
2968
 
    }
 
2949
    fprintf_plus(stderr, "%s exiting\n", argv[0]);
2969
2950
  }
2970
2951
  
2971
2952
  /* Cleanup things */