}
#if defined(FEAT_CRYPT) || defined(PROTO)
+/*
+ * Swapfile encryption is not supported by XChaCha20. If this crypt method is
+ * used then disable the swapfile, to avoid plain text being written to disk,
+ * and return TRUE.
+ * Otherwise return FALSE.
+ */
+ static int
+crypt_may_close_swapfile(buf_T *buf, char_u *key, int method)
+{
+ if (crypt_method_is_sodium(method) && *key != NUL)
+ {
+ mf_close_file(buf, TRUE);
+ buf->b_p_swf = FALSE;
+ return TRUE;
+ }
+ return FALSE;
+}
+
/*
* Prepare encryption for "buf" for the current key and method.
*/
// Generate a seed and store it in the memfile.
sha2_seed(buf->b_ml.ml_mfp->mf_seed, MF_SEED_LEN, NULL, 0);
}
-#ifdef FEAT_SODIUM
+# ifdef FEAT_SODIUM
else if (crypt_method_is_sodium(method_nr))
- crypt_sodium_randombytes_buf(buf->b_ml.ml_mfp->mf_seed,
- MF_SEED_LEN);
-#endif
+ crypt_sodium_randombytes_buf(buf->b_ml.ml_mfp->mf_seed, MF_SEED_LEN);
+# endif
}
/*
return; // no memfile yet, nothing to do
old_method = crypt_method_nr_from_name(old_cm);
- // Swapfile encryption is not supported by XChaCha20, therefore disable the
- // swapfile to avoid plain text being written to disk.
- if (crypt_method_is_sodium(crypt_get_method_nr(buf))
- && *buf->b_p_key != NUL)
- {
- // close the swapfile
- mf_close_file(buf, TRUE);
- buf->b_p_swf = FALSE;
+#ifdef FEAT_CRYPT
+ if (crypt_may_close_swapfile(buf, buf->b_p_key, crypt_get_method_nr(buf)))
return;
- }
+#endif
// First make sure the swapfile is in a consistent state, using the old
// key and method.
|| buf->b_ml.ml_mfp->mf_fd < 0)
continue; // no file
+#ifdef FEAT_CRYPT
+ if (crypt_may_close_swapfile(buf, buf->b_p_key,
+ crypt_get_method_nr(buf)))
+ continue;
+#endif
+
ml_flush_line(buf); // flush buffered line
// flush locked block
(void)ml_find_line(buf, (linenr_T)0, ML_FLUSH);
emsg(_(e_cannot_preserve_there_is_no_swap_file));
return;
}
+#ifdef FEAT_CRYPT
+ if (crypt_may_close_swapfile(buf, buf->b_p_key, crypt_get_method_nr(buf)))
+ return;
+#endif
// We only want to stop when interrupted here, not when interrupted
// before.
if (*key == NUL)
return NULL;
+ if (crypt_may_close_swapfile(buf, key, method_nr))
+ return NULL;
+
if (method_nr == CRYPT_M_ZIP)
{
// For PKzip: Append the offset to the key, so that we use a different
void crypt_check_current_method(void);
char_u *crypt_get_key(int store, int twice);
void crypt_append_msg(buf_T *buf);
+void crypt_sodium_lock_key(char_u *key);
int crypt_sodium_munlock(void *const addr, const size_t len);
void crypt_sodium_randombytes_buf(void *const buf, const size_t size);
int crypt_sodium_init(void);
exe buf .. 'bwipe!'
call assert_true(filereadable('Xfoo'))
- let buf = RunVimInTerminal('--cmd "set ch=3 cm=xchacha20v2 key=foo" Xfoo', #{rows: 10})
+ let buf = RunVimInTerminal('--cmd "set ch=3 cm=xchacha20v2 key=foo" Xfoo', #{wait_for_ruler: 0, rows: 10})
call g:TermWait(buf, g:RunningWithValgrind() ? 1000 : 50)
call StopVimInTerminal(buf)
call delete('Xtest1.txt')
endfunc
+func Test_crypt_set_key_segfault()
+ CheckFeature sodium
+
+ defer delete('Xtest2.txt')
+ new Xtest2.txt
+ call setline(1, 'nothing')
+ set cryptmethod=xchacha20
+ set key=foobar
+ w
+ new Xtest3
+ put ='other content'
+ setl modified
+ sil! preserve
+ bwipe!
+
+ set cryptmethod&
+ set key=
+ bwipe!
+endfunc
+
" vim: shiftwidth=2 sts=2 expandtab
projects / thirdparty / vim.git / commitdiff
