commit 1a96191: [Minor] Wipe memory in rspamadm
Vsevolod Stakhov
vsevolod at highsecure.ru
Wed May 1 15:42:06 UTC 2019
Author: Vsevolod Stakhov
Date: 2019-05-01 16:36:49 +0100
URL: https://github.com/rspamd/rspamd/commit/1a961917c458b847fc27b1aa03a82b2b5605b4cb (HEAD -> master)
[Minor] Wipe memory in rspamadm
---
src/libserver/cfg_file.h | 5 +++--
src/libserver/cfg_utils.c | 2 +-
src/lua/lua_common.c | 42 +++++++++++++++++++++++++++++++++++++++---
src/lua/lua_common.h | 2 +-
src/rspamadm/rspamadm.c | 2 +-
test/rspamd_lua_test.c | 2 +-
6 files changed, 46 insertions(+), 9 deletions(-)
diff --git a/src/libserver/cfg_file.h b/src/libserver/cfg_file.h
index 278a0a466..8a1798b97 100644
--- a/src/libserver/cfg_file.h
+++ b/src/libserver/cfg_file.h
@@ -474,8 +474,9 @@ gboolean rspamd_parse_bind_line (struct rspamd_config *cfg,
enum rspamd_config_init_flags {
- RSPAMD_CONFIG_INIT_DEFAULT = 0,
- RSPAMD_CONFIG_INIT_SKIP_LUA = (1 << 0)
+ RSPAMD_CONFIG_INIT_DEFAULT = 0u,
+ RSPAMD_CONFIG_INIT_SKIP_LUA = (1u << 0u),
+ RSPAMD_CONFIG_INIT_WIPE_LUA_MEM = (1u << 1u),
};
/**
* Init default values
diff --git a/src/libserver/cfg_utils.c b/src/libserver/cfg_utils.c
index 84268dc73..308fb654e 100644
--- a/src/libserver/cfg_utils.c
+++ b/src/libserver/cfg_utils.c
@@ -201,7 +201,7 @@ rspamd_config_new (enum rspamd_config_init_flags flags)
cfg->max_word_len = DEFAULT_MAX_WORD;
if (!(flags & RSPAMD_CONFIG_INIT_SKIP_LUA)) {
- cfg->lua_state = rspamd_lua_init ();
+ cfg->lua_state = rspamd_lua_init (flags & RSPAMD_CONFIG_INIT_WIPE_LUA_MEM);
cfg->own_lua_state = TRUE;
cfg->lua_thread_pool = lua_thread_pool_new (cfg->lua_state);
}
diff --git a/src/lua/lua_common.c b/src/lua/lua_common.c
index 81fac3640..b83b68bf0 100644
--- a/src/lua/lua_common.c
+++ b/src/lua/lua_common.c
@@ -870,12 +870,48 @@ lua_push_trace_data (lua_State *L)
}
#endif
+
+
+static void *
+rspamd_lua_wipe_realloc (void *ud,
+ void *ptr,
+ size_t osize,
+ size_t nsize) RSPAMD_ATTR_ALLOC_SIZE(4);
+static void *
+rspamd_lua_wipe_realloc (void *ud,
+ void *ptr,
+ size_t osize,
+ size_t nsize)
+{
+ if (nsize == 0) {
+ if (ptr) {
+ rspamd_explicit_memzero (ptr, osize);
+ }
+
+ free (ptr);
+ }
+ else if (ptr == NULL) {
+ return malloc (nsize);
+ }
+ else {
+ return realloc (ptr, nsize);
+ }
+
+ return NULL;
+}
+
lua_State *
-rspamd_lua_init ()
+rspamd_lua_init (bool wipe_mem)
{
lua_State *L;
- L = luaL_newstate ();
+ if (wipe_mem) {
+ L = lua_newstate (rspamd_lua_wipe_realloc, NULL);
+ }
+ else {
+ L = luaL_newstate ();
+ }
+
luaL_openlibs (L);
luaopen_logger (L);
luaopen_mempool (L);
@@ -984,7 +1020,7 @@ rspamd_init_lua_locked (struct rspamd_config *cfg)
struct lua_locked_state *new;
new = g_malloc0 (sizeof (struct lua_locked_state));
- new->L = rspamd_lua_init ();
+ new->L = rspamd_lua_init (false);
new->m = rspamd_mutex_new ();
return new;
diff --git a/src/lua/lua_common.h b/src/lua/lua_common.h
index 5ff5cc8bf..a755bb90f 100644
--- a/src/lua/lua_common.h
+++ b/src/lua/lua_common.h
@@ -165,7 +165,7 @@ gpointer rspamd_lua_check_class (lua_State *L, gint index, const gchar *name);
/**
* Initialize lua and bindings
*/
-lua_State *rspamd_lua_init (void);
+lua_State *rspamd_lua_init (bool wipe_mem);
/**
diff --git a/src/rspamadm/rspamadm.c b/src/rspamadm/rspamadm.c
index f3760ce3e..f4fabfc9f 100644
--- a/src/rspamadm/rspamadm.c
+++ b/src/rspamadm/rspamadm.c
@@ -370,7 +370,7 @@ main (gint argc, gchar **argv, gchar **env)
ucl_vars = g_hash_table_new_full (rspamd_strcase_hash,
rspamd_strcase_equal, g_free, g_free);
process_quark = g_quark_from_static_string ("rspamadm");
- cfg = rspamd_config_new (RSPAMD_CONFIG_INIT_DEFAULT);
+ cfg = rspamd_config_new (RSPAMD_CONFIG_INIT_DEFAULT|RSPAMD_CONFIG_INIT_WIPE_LUA_MEM);
cfg->libs_ctx = rspamd_init_libs ();
rspamd_main = g_malloc0 (sizeof (*rspamd_main));
rspamd_main->cfg = cfg;
diff --git a/test/rspamd_lua_test.c b/test/rspamd_lua_test.c
index ad40ef488..d2a5ba2f5 100644
--- a/test/rspamd_lua_test.c
+++ b/test/rspamd_lua_test.c
@@ -58,7 +58,7 @@ traceback (lua_State *L)
void
rspamd_lua_test_func (void)
{
- lua_State *L = rspamd_lua_init ();
+ lua_State *L = rspamd_lua_init (false);
gchar *rp, rp_buf[PATH_MAX], path_buf[PATH_MAX], *tmp, *dir, *pattern;
const gchar *old_path;
glob_t globbuf;
More information about the Commits
mailing list