diff options
| -rw-r--r-- | src/ask-password/ask-password.c | 4 | ||||
| -rw-r--r-- | src/basic/strv.c | 9 | ||||
| -rw-r--r-- | src/basic/strv.h | 4 | ||||
| -rw-r--r-- | src/basic/util.c | 9 | ||||
| -rw-r--r-- | src/basic/util.h | 5 | ||||
| -rw-r--r-- | src/cryptsetup/cryptsetup.c | 40 | ||||
| -rw-r--r-- | src/firstboot/firstboot.c | 9 | ||||
| -rw-r--r-- | src/shared/ask-password-api.c | 3 | ||||
| -rw-r--r-- | src/tty-ask-password-agent/tty-ask-password-agent.c | 8 | 
9 files changed, 43 insertions, 48 deletions
| diff --git a/src/ask-password/ask-password.c b/src/ask-password/ask-password.c index 89a49c2e86..a544866000 100644 --- a/src/ask-password/ask-password.c +++ b/src/ask-password/ask-password.c @@ -144,7 +144,7 @@ static int parse_argv(int argc, char *argv[]) {  }  int main(int argc, char *argv[]) { -        _cleanup_strv_free_ char **l = NULL; +        _cleanup_strv_free_erase_ char **l = NULL;          usec_t timeout;          char **p;          int r; @@ -174,8 +174,6 @@ int main(int argc, char *argv[]) {                          break;          } -        strv_erase(l); -  finish:          free(arg_message); diff --git a/src/basic/strv.c b/src/basic/strv.c index b66c176487..501d022cb9 100644 --- a/src/basic/strv.c +++ b/src/basic/strv.c @@ -86,6 +86,15 @@ char **strv_free(char **l) {          return NULL;  } +char **strv_free_erase(char **l) { +        char **i; + +        STRV_FOREACH(i, l) +                string_erase(*i); + +        return strv_free(l); +} +  char **strv_copy(char * const *l) {          char **r, **k; diff --git a/src/basic/strv.h b/src/basic/strv.h index e49f443835..a5dc696a87 100644 --- a/src/basic/strv.h +++ b/src/basic/strv.h @@ -35,6 +35,10 @@ char **strv_free(char **l);  DEFINE_TRIVIAL_CLEANUP_FUNC(char**, strv_free);  #define _cleanup_strv_free_ _cleanup_(strv_freep) +char **strv_free_erase(char **l); +DEFINE_TRIVIAL_CLEANUP_FUNC(char**, strv_free_erase); +#define _cleanup_strv_free_erase_ _cleanup_(strv_free_erasep) +  void strv_clear(char **l);  char **strv_copy(char * const *l); diff --git a/src/basic/util.c b/src/basic/util.c index f24db9796e..a14ed2e4cc 100644 --- a/src/basic/util.c +++ b/src/basic/util.c @@ -6817,9 +6817,10 @@ void string_erase(char *x) {          memory_erase(x, strlen(x));  } -void strv_erase(char **l) { -        char **i; +char *string_free_erase(char *s) { +        if (!s) +                return NULL; -        STRV_FOREACH(i, l) -                string_erase(*i); +        string_erase(s); +        return mfree(s);  } diff --git a/src/basic/util.h b/src/basic/util.h index b1c64675e0..4b1c5878c5 100644 --- a/src/basic/util.h +++ b/src/basic/util.h @@ -946,4 +946,7 @@ bool oom_score_adjust_is_valid(int oa);  #define memory_erase(p, l) memset((p), 'x', (l))  void string_erase(char *x); -void strv_erase(char **l); + +char *string_free_erase(char *s); +DEFINE_TRIVIAL_CLEANUP_FUNC(char *, string_free_erase); +#define _cleanup_string_free_erase_ _cleanup_(string_free_erasep) diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index c9be17446b..ecc1273eec 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -314,7 +314,7 @@ static char *disk_mount_point(const char *label) {  static int get_password(const char *vol, const char *src, usec_t until, bool accept_cached, char ***ret) {          _cleanup_free_ char *description = NULL, *name_buffer = NULL, *mount_point = NULL, *maj_min = NULL, *text = NULL, *escaped_name = NULL; -        _cleanup_strv_free_ char **passwords = NULL, **passwords2 = NULL; +        _cleanup_strv_free_erase_ char **passwords = NULL;          const char *name = NULL;          char **p, *id;          int r = 0; @@ -361,32 +361,31 @@ static int get_password(const char *vol, const char *src, usec_t until, bool acc          id = strjoina("cryptsetup:", escaped_name); -        r = ask_password_auto(text, "drive-harddisk", id, "cryptsetup", until, ASK_PASSWORD_PUSH_CACHE|(accept_cached ? ASK_PASSWORD_ACCEPT_CACHED : 0), &passwords); +        r = ask_password_auto(text, "drive-harddisk", id, "cryptsetup", until, +                              ASK_PASSWORD_PUSH_CACHE | (accept_cached*ASK_PASSWORD_ACCEPT_CACHED), +                              &passwords);          if (r < 0)                  return log_error_errno(r, "Failed to query password: %m");          if (arg_verify) { +                _cleanup_strv_free_erase_ char **passwords2 = NULL; +                  assert(strv_length(passwords) == 1); -                if (asprintf(&text, "Please enter passphrase for disk %s! (verification)", name) < 0) { -                        r = log_oom(); -                        goto finish; -                } +                if (asprintf(&text, "Please enter passphrase for disk %s! (verification)", name) < 0) +                        return log_oom();                  id = strjoina("cryptsetup-verification:", escaped_name);                  r = ask_password_auto(text, "drive-harddisk", id, "cryptsetup", until, ASK_PASSWORD_PUSH_CACHE, &passwords2); -                if (r < 0) { -                        log_error_errno(r, "Failed to query verification password: %m"); -                        goto finish; -                } +                if (r < 0) +                        return log_error_errno(r, "Failed to query verification password: %m");                  assert(strv_length(passwords2) == 1);                  if (!streq(passwords[0], passwords2[0])) {                          log_warning("Passwords did not match, retrying."); -                        r = -EAGAIN; -                        goto finish; +                        return -EAGAIN;                  }          } @@ -400,10 +399,8 @@ static int get_password(const char *vol, const char *src, usec_t until, bool acc                  /* Pad password if necessary */                  c = new(char, arg_key_size); -                if (!c) { -                        r = -ENOMEM; -                        goto finish; -                } +                if (!c) +                        return log_oom();                  strncpy(c, *p, arg_key_size);                  free(*p); @@ -413,13 +410,7 @@ static int get_password(const char *vol, const char *src, usec_t until, bool acc          *ret = passwords;          passwords = NULL; -        r = 0; - -finish: -        strv_erase(passwords); -        strv_erase(passwords2); - -        return r; +        return 0;  }  static int attach_tcrypt( @@ -683,7 +674,7 @@ int main(int argc, char *argv[]) {                  }                  for (tries = 0; arg_tries == 0 || tries < arg_tries; tries++) { -                        _cleanup_strv_free_ char **passwords = NULL; +                        _cleanup_strv_free_erase_ char **passwords = NULL;                          if (!key_file) {                                  k = get_password(argv[2], argv[3], until, tries == 0 && !arg_verify, &passwords); @@ -702,7 +693,6 @@ int main(int argc, char *argv[]) {                                                           arg_header ? argv[3] : NULL,                                                           passwords,                                                           flags); -                        strv_erase(passwords);                          if (k >= 0)                                  break;                          else if (k == -EAGAIN) { diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c index da247fbef8..82ebb91788 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c @@ -455,7 +455,7 @@ static int prompt_root_password(void) {          msg2 = strjoina(draw_special_char(DRAW_TRIANGULAR_BULLET), " Please enter new root password again: ");          for (;;) { -                _cleanup_free_ char *a = NULL, *b = NULL; +                _cleanup_string_free_erase_ char *a = NULL, *b = NULL;                  r = ask_password_tty(msg1, NULL, 0, 0, NULL, &a);                  if (r < 0) @@ -467,19 +467,14 @@ static int prompt_root_password(void) {                  }                  r = ask_password_tty(msg2, NULL, 0, 0, NULL, &b); -                if (r < 0) { -                        string_erase(a); +                if (r < 0)                          return log_error_errno(r, "Failed to query root password: %m"); -                }                  if (!streq(a, b)) {                          log_error("Entered passwords did not match, please try again."); -                        string_erase(a); -                        string_erase(b);                          continue;                  } -                string_erase(b);                  arg_root_password = a;                  a = NULL;                  break; diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c index e35594a5df..ddf42f11e1 100644 --- a/src/shared/ask-password-api.c +++ b/src/shared/ask-password-api.c @@ -94,7 +94,7 @@ static int retrieve_key(key_serial_t serial, char ***ret) {  }  static int add_to_keyring(const char *keyname, AskPasswordFlags flags, char **passwords) { -        _cleanup_strv_free_ char **l = NULL; +        _cleanup_strv_free_erase_ char **l = NULL;          _cleanup_free_ char *p = NULL;          key_serial_t serial;          size_t n; @@ -119,7 +119,6 @@ static int add_to_keyring(const char *keyname, AskPasswordFlags flags, char **pa                  return r;          r = strv_make_nulstr(l, &p, &n); -        strv_erase(l);          if (r < 0)                  return r; diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c b/src/tty-ask-password-agent/tty-ask-password-agent.c index 7a5ac9fa9c..8423364046 100644 --- a/src/tty-ask-password-agent/tty-ask-password-agent.c +++ b/src/tty-ask-password-agent/tty-ask-password-agent.c @@ -307,7 +307,7 @@ static int parse_password(const char *filename, char **wall) {                  }                  if (arg_plymouth) { -                        _cleanup_strv_free_ char **passwords = NULL; +                        _cleanup_strv_free_erase_ char **passwords = NULL;                          r = ask_password_plymouth(message, not_after, accept_cached ? ASK_PASSWORD_ACCEPT_CACHED : 0, filename, &passwords);                          if (r >= 0) { @@ -330,10 +330,8 @@ static int parse_password(const char *filename, char **wall) {                                  }                          } -                        strv_erase(passwords); -                  } else { -                        _cleanup_free_ char *password = NULL; +                        _cleanup_string_free_erase_ char *password = NULL;                          int tty_fd = -1;                          if (arg_console) { @@ -363,8 +361,6 @@ static int parse_password(const char *filename, char **wall) {                                          strcpy(packet + 1, password);                                  }                          } - -                        string_erase(password);                  }                  if (IN_SET(r, -ETIME, -ENOENT)) { | 
