CIFS: zero sensitive data when freeing

BugLink: http://bugs.launchpad.net/bugs/1756121
commit 97f4b7276b829a8927ac903a119bef2f963ccc58 upstream.

also replaces memset()+kfree() by kzfree().

Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Signed-off-by: Steve French <smfrench@gmail.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Juerg Haefliger <juergh@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>

diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c
index 6c2508a060f3179e9c32f86ff326f7343f3ecced..4d33b160248ee8a49ea59f2b9a7db68d6b64e080 100644 (file)
--- a/fs/cifs/cifsencrypt.c
+++ b/fs/cifs/cifsencrypt.c
@@ -324,9 +324,8 @@ int calc_lanman_hash(const char *password, const char *cryptkey, bool encrypt,
 {
        int i;
        int rc;
-       char password_with_pad[CIFS_ENCPWD_SIZE];
+       char password_with_pad[CIFS_ENCPWD_SIZE] = {0};
 
-       memset(password_with_pad, 0, CIFS_ENCPWD_SIZE);
        if (password)
                strncpy(password_with_pad, password, CIFS_ENCPWD_SIZE);
 

diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index e568481d466d71dc2035a76e3e0caf1e3e29ce3b..0a6d75905b7b134d2e67bad6dedec278e63f0c00 100644 (file)
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -1683,7 +1683,7 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
                        tmp_end++;
                        if (!(tmp_end < end && tmp_end[1] == delim)) {
                                /* No it is not. Set the password to NULL */
-                               kfree(vol->password);
+                               kzfree(vol->password);
                                vol->password = NULL;
                                break;
                        }
@@ -1721,7 +1721,7 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
                                        options = end;
                        }
 
-                       kfree(vol->password);
+                       kzfree(vol->password);
                        /* Now build new password string */
                        temp_len = strlen(value);
                        vol->password = kzalloc(temp_len+1, GFP_KERNEL);
@@ -4213,7 +4213,7 @@ cifs_construct_tcon(struct cifs_sb_info *cifs_sb, kuid_t fsuid)
                reset_cifs_unix_caps(0, tcon, NULL, vol_info);
 out:
        kfree(vol_info->username);
-       kfree(vol_info->password);
+       kzfree(vol_info->password);
        kfree(vol_info);
 
        return tcon;

diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c
index c6729156f9a00cf69938f8ec66c92fde561849ab..b700e58d9fb52f095b98ced085fd60d472af929f 100644 (file)
--- a/fs/cifs/misc.c
+++ b/fs/cifs/misc.c
@@ -99,14 +99,11 @@ sesInfoFree(struct cifs_ses *buf_to_free)
        kfree(buf_to_free->serverOS);
        kfree(buf_to_free->serverDomain);
        kfree(buf_to_free->serverNOS);
-       if (buf_to_free->password) {
-               memset(buf_to_free->password, 0, strlen(buf_to_free->password));
-               kfree(buf_to_free->password);
-       }
+       kzfree(buf_to_free->password);
        kfree(buf_to_free->user_name);
        kfree(buf_to_free->domainName);
-       kfree(buf_to_free->auth_key.response);
-       kfree(buf_to_free);
+       kzfree(buf_to_free->auth_key.response);
+       kzfree(buf_to_free);
 }
 
 struct cifs_tcon *
@@ -137,10 +134,7 @@ tconInfoFree(struct cifs_tcon *buf_to_free)
        }
        atomic_dec(&tconInfoAllocCount);
        kfree(buf_to_free->nativeFileSystem);
-       if (buf_to_free->password) {
-               memset(buf_to_free->password, 0, strlen(buf_to_free->password));
-               kfree(buf_to_free->password);
-       }
+       kzfree(buf_to_free->password);
        kfree(buf_to_free);
 }