From: VMware, Inc <> Date: Wed, 18 Sep 2013 03:13:16 +0000 (-0700) Subject: Internal branch sync. Included in this change: X-Git-Tag: 2013.09.16-1328054~119 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b34fff0c862b0ba8c6f93fc96a335d3a8e243f9c;p=thirdparty%2Fopen-vm-tools.git Internal branch sync. Included in this change: . Scrub sensitive data in VIX before freeing it . Fix memory leak in VMCISock_GetAFValueFd() . changes in shared code that don't affect open-vm-tools functionality Signed-off-by: Dmitry Torokhov --- diff --git a/open-vm-tools/lib/foundryMsg/foundryPropertyListCommon.c b/open-vm-tools/lib/foundryMsg/foundryPropertyListCommon.c index 20a15b759..0de1d8f34 100644 --- a/open-vm-tools/lib/foundryMsg/foundryPropertyListCommon.c +++ b/open-vm-tools/lib/foundryMsg/foundryPropertyListCommon.c @@ -133,6 +133,37 @@ VixPropertyList_RemoveAllWithoutHandles(VixPropertyListImpl *propList) // IN } // VixPropertyList_RemoveAllWithoutHandles +/* + *----------------------------------------------------------------------------- + * + * VixPropertyList_MarkAllSensitive -- + * + * Mark all properties in a list sensitive. + * + * Results: + * As above + * + * Side effects: + * None + * + *----------------------------------------------------------------------------- + */ + +void +VixPropertyList_MarkAllSensitive(VixPropertyListImpl *propList) // IN/OUT: +{ + if (NULL != propList) { + VixPropertyValue *property = propList->properties; + + while (NULL != property) { + property->isSensitive = TRUE; + + property = property->next; + } + } +} // VixPropertyList_MarkAllSensitive + + /* *----------------------------------------------------------------------------- * 
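Review bot: The header comment on VixPropertyList_MarkAllSensitive says `Results: As above` and `Side effects: None`, but the function is void and writes `isSensitive = TRUE` on every entry of the list. I would document it as `Results: None` and `Side effects: Every property in propList is flagged sensitive; no value is scrubbed by this call.` That wording also tells callers the flag only takes effect later, when a value is replaced (as in the Impl setters added further down) or, presumably, when the list is torn down; the teardown path is not part of this diff, so that part should be confirmed.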
@@ -155,10 +186,10 @@ VixPropertyList_RemoveAllWithoutHandles(VixPropertyListImpl *propList) // IN */ VixError -VixPropertyList_Serialize(VixPropertyListImpl *propList, // IN - Bool dirtyOnly, // IN - size_t *resultSize, // OUT - char **resultBuffer) // OUT +VixPropertyList_Serialize(VixPropertyListImpl *propList, // IN: + Bool dirtyOnly, // IN: + size_t *resultSize, // OUT: + char **resultBuffer) // OUT: { VixError err = VIX_OK; VixPropertyValue *property = NULL; @@ -842,7 +873,7 @@ abort: * * Results: * VixError. VIX_OK if the property was found. - * VIX_E_UNRECOGNIZED_PROPERTY if the property was not found. + * VIX_E_UNRECOGNIZED_PROPERTY if the property was not found. * * Side effects: * None @@ -884,6 +915,42 @@ abort: } // VixPropertyList_GetString +/* + *----------------------------------------------------------------------------- + * + * VixPropertyListSetStringImpl -- + * + * Saves a copy of a string property value. Sets sensitivity. + * + * Results: + * As above + * + * Side effects: + * None + * + *----------------------------------------------------------------------------- + */ + +static void +VixPropertyListSetStringImpl(VixPropertyValue *property, // IN: + const char *value, // IN: + Bool isSensitive) // IN: +{ + if (NULL != property->value.strValue) { + if (property->isSensitive) { + Util_ZeroString(property->value.strValue); + } + free(property->value.strValue); + property->value.strValue = NULL; + } + if (NULL != value) { + property->value.strValue = Util_SafeStrdup(value); + } + property->isDirty = TRUE; + property->isSensitive = isSensitive; +} // VixPropertyListSetStringImpl + + /* *----------------------------------------------------------------------------- * 
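Review bot: In VixPropertyListSetStringImpl the scrub `Util_ZeroString(property->value.strValue)` is immediately followed by `free()` of the same buffer, a pattern compilers may drop as a dead store if the zeroing reduces to a plain inlinable memset. Util_ZeroString is defined outside this diff, so please confirm it is written to survive optimisation (volatile write, compiler barrier, or a platform secure-zero call); the same applies to `Util_Zero` in VixPropertyListSetBlobImpl in the @@ -1349 hunk. A comment above the scrub such as `/* Scrub before free; relies on Util_ZeroString not being optimised away. */` would record the dependency. Only the old value is scrubbed, and only when the old flag was set, so a secret first stored through the plain setter is freed unscrubbed even if its replacement is marked sensitive.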
@@ -892,7 +959,7 @@ abort: * Saves a copy of a string property value. The value is identified * by the integer property ID. * - * Value names are unique within a single proeprty list. + * Value names are unique within a single property list. * If a previous value with the same propertyID value already * existed in this property list, then it is replaced with the new * value. Otherwise, a new value is added. @@ -909,9 +976,9 @@ abort: */ VixError -VixPropertyList_SetString(VixPropertyListImpl *propList, // IN - int propertyID, // IN - const char *value) // IN +VixPropertyList_SetString(VixPropertyListImpl *propList, // IN: + int propertyID, // IN: + const char *value) // IN: { VixError err = VIX_OK; VixPropertyValue *property = NULL; 
@@ -920,31 +987,80 @@ VixPropertyList_SetString(VixPropertyListImpl *propList, // IN err = VIX_E_INVALID_ARG; goto abort; } - + /* * Find or create an entry for this property. */ err = VixPropertyList_FindProperty(propList, - propertyID, - VIX_PROPERTYTYPE_STRING, + propertyID, + VIX_PROPERTYTYPE_STRING, 0, - TRUE, + TRUE, &property); - if (VIX_OK != err) { - goto abort; + if (VIX_OK == err) { + VixPropertyListSetStringImpl(property, value, property->isSensitive); } - if (NULL != property->value.strValue) { - free(property->value.strValue); - property->value.strValue = NULL; +abort: + + return err; +} // VixPropertyList_SetString + + +/* + *----------------------------------------------------------------------------- + * + * VixPropertyList_SetStringSensitive -- + * + * Saves a copy of a string property value. The value is identified + * by the integer property ID. Mark sensitive. + * + * Value names are unique within a single property list. + * If a previous value with the same propertyID value already + * existed in this property list, then it is replaced with the new + * value. Otherwise, a new value is added. + * + * This fails if the value is present but has a different type. + * + * Results: + * VixError + * + * Side effects: + * None + * + *----------------------------------------------------------------------------- + */ + +VixError +VixPropertyList_SetStringSensitive(VixPropertyListImpl *propList, // IN: + int propertyID, // IN: + const char *value) // IN: +{ + VixError err = VIX_OK; + VixPropertyValue *property = NULL; + + if (NULL == propList) { + err = VIX_E_INVALID_ARG; + goto abort; } - if (NULL != value) { - property->value.strValue = Util_SafeStrdup(value); + + /* + * Find or create an entry for this property. 
+ */ + err = VixPropertyList_FindProperty(propList, + propertyID, + VIX_PROPERTYTYPE_STRING, + 0, + TRUE, + &property); + + if (VIX_OK == err) { + VixPropertyListSetStringImpl(property, value, TRUE); } - property->isDirty = TRUE; abort: - return(err); + + return err; } // VixPropertyList_SetString @@ -962,7 +1078,7 @@ abort: * * Results: * VixError. VIX_OK if the property was found. - * VIX_E_UNRECOGNIZED_PROPERTY if the property was not found. + * VIX_E_UNRECOGNIZED_PROPERTY if the property was not found. * * Side effects: * None @@ -1009,7 +1125,7 @@ abort: * Saves a copy of a integer property value. The value is identified * by the integer property ID. * - * Value names are unique within a single proeprty list. + * Value names are unique within a single property list. * If a previous value with the same propertyID value already * existed in this property list, then it is replaced with the new * value. Otherwise, a new value is added. @@ -1055,7 +1171,7 @@ VixPropertyList_SetInteger(VixPropertyListImpl *propList, // IN property->isDirty = TRUE; abort: - return(err); + return err; } // VixPropertyList_SetInteger @@ -1073,7 +1189,7 @@ abort: * * Results: * VixError. VIX_OK if the property was found. - * VIX_E_UNRECOGNIZED_PROPERTY if the property was not found. + * VIX_E_UNRECOGNIZED_PROPERTY if the property was not found. * * Side effects: * None @@ -1124,7 +1240,7 @@ abort: * Saves a copy of a Bool property value. The value is identified * by the integer property ID. * - * Value names are unique within a single proeprty list. + * Value names are unique within a single property list. * If a previous value with the same propertyID value already * existed in this property list, then it is replaced with the new * value. Otherwise, a new value is added. @@ -1170,7 +1286,7 @@ VixPropertyList_SetBool(VixPropertyListImpl *propList, // IN property->isDirty = TRUE; abort: - return(err); + return err; } 
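Review bot: VixPropertyList_SetString passes `property->isSensitive` straight back into VixPropertyListSetStringImpl right after `VixPropertyList_FindProperty(..., TRUE, &property)`, and that call appears to create the entry when it is missing (the comment above it says "Find or create"). If the creation path does not initialise `isSensitive`, a brand-new property inherits whatever the allocator left in that field; the creation code is outside this diff, so it should be checked that it sets `isSensitive = FALSE`. VixPropertyList_SetBlob in the @@ -1386 hunk reads the flag the same way. If the guarantee exists, a one-line comment at the call, e.g. `/* Preserve the existing sensitivity; new entries start non-sensitive. */`, would make the intent clear.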
@@ -1188,7 +1304,7 @@ abort: * * Results: * VixError. VIX_OK if the property was found. - * VIX_E_UNRECOGNIZED_PROPERTY if the property was not found. + * VIX_E_UNRECOGNIZED_PROPERTY if the property was not found. * * Side effects: * None @@ -1235,7 +1351,7 @@ abort: * Saves a copy of a int64 property value. The value is identified * by the integer property ID. * - * Value names are unique within a single proeprty list. + * Value names are unique within a single property list. * If a previous value with the same propertyID value already * existed in this property list, then it is replaced with the new * value. Otherwise, a new value is added. @@ -1281,7 +1397,7 @@ VixPropertyList_SetInt64(VixPropertyListImpl *propList, // IN property->isDirty = TRUE; abort: - return(err); + return err; } // VixPropertyList_SetInt64 @@ -1299,7 +1415,7 @@ abort: * * Results: * VixError. VIX_OK if the property was found. - * VIX_E_UNRECOGNIZED_PROPERTY if the property was not found. + * VIX_E_UNRECOGNIZED_PROPERTY if the property was not found. * * Side effects: * None 
@@ -1349,6 +1465,49 @@ abort: } // VixPropertyList_GetBlob +/* + *----------------------------------------------------------------------------- + * + * VixPropertyListSetBlobImpl -- + * + * Saves a copy of a blob property value. Set sensitivity. + * + * Results: + * As above. + * + * Side effects: + * None + * + *----------------------------------------------------------------------------- + */ + +static void +VixPropertyListSetBlobImpl(VixPropertyValue *property, // IN: + int blobSize, // IN: + const unsigned char *value, // IN: + Bool isSensitive) // IN: +{ + if (NULL != property->value.blobValue.blobContents) { + if (property->isSensitive) { + Util_Zero(property->value.blobValue.blobContents, + property->value.blobValue.blobSize); + } + + free(property->value.blobValue.blobContents); + property->value.blobValue.blobContents = NULL; + } + + property->value.blobValue.blobSize = blobSize; + if ((NULL != value) && (blobSize > 0)) { + property->value.blobValue.blobContents = Util_SafeMalloc(blobSize); + memcpy(property->value.blobValue.blobContents, value, blobSize); + } + + property->isDirty = TRUE; + property->isSensitive = isSensitive; +} // VixPropertyListSetBlobImpl + + /* *----------------------------------------------------------------------------- * @@ -1357,7 +1516,7 @@ abort: * Saves a copy of a blob property value. The value is identified * by the integer property ID. * - * Value names are unique within a single proeprty list. + * Value names are unique within a single property list. * If a previous value with the same propertyID value already * existed in this property list, then it is replaced with the new * value. Otherwise, a new value is added. 
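Review bot: VixPropertyListSetBlobImpl stores `blobSize` unconditionally but allocates and copies only when `value` is non-NULL and `blobSize > 0`, so a NULL value with a positive size, or a negative size, leaves `blobContents == NULL` next to a non-zero recorded size. The scrub on the next call is safe because it is guarded by the NULL check, but any reader of the pair that trusts `blobSize` (the readers are outside this hunk) would see inconsistent state. I would default the size with `property->value.blobValue.blobSize = 0;` and assign `property->value.blobValue.blobSize = blobSize;` inside the `if`, next to the memcpy. This behaviour was carried over from the old VixPropertyList_SetBlob body, so confirm no caller depends on it.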
@@ -1374,10 +1533,10 @@ abort: */ VixError -VixPropertyList_SetBlob(VixPropertyListImpl *propList, // IN - int propertyID, // IN - int blobSize, // IN - const unsigned char *value) // IN +VixPropertyList_SetBlob(VixPropertyListImpl *propList, // IN: + int propertyID, // IN: + int blobSize, // IN: + const unsigned char *value) // IN: { VixError err = VIX_OK; VixPropertyValue *property = NULL; 
@@ -1386,35 +1545,81 @@ VixPropertyList_SetBlob(VixPropertyListImpl *propList, // IN err = VIX_E_INVALID_ARG; goto abort; } - + /* * Find or create an entry for this property. */ err = VixPropertyList_FindProperty(propList, - propertyID, - VIX_PROPERTYTYPE_BLOB, + propertyID, + VIX_PROPERTYTYPE_BLOB, 0, - TRUE, + TRUE, &property); - if (VIX_OK != err) { - goto abort; - } - if (NULL != property->value.blobValue.blobContents) { - free(property->value.blobValue.blobContents); - property->value.blobValue.blobContents = NULL; + if (VIX_OK == err) { + VixPropertyListSetBlobImpl(property, blobSize, value, + property->isSensitive); } - property->value.blobValue.blobSize = blobSize; - if ((NULL != value) && (blobSize > 0)) { - property->value.blobValue.blobContents = Util_SafeMalloc(blobSize); - memcpy(property->value.blobValue.blobContents, value, blobSize); +abort: + return err; +} // VixPropertyList_SetBlob + + +/* + *----------------------------------------------------------------------------- + * + * VixPropertyList_SetBlobSensitive -- + * + * Saves a copy of a blob property value. The value is identified + * by the integer property ID. Set sentivity. + * + * Value names are unique within a single property list. + * If a previous value with the same propertyID value already + * existed in this property list, then it is replaced with the new + * value. Otherwise, a new value is added. + * + * This fails if the value is present but has a different type. + * + * Results: + * VixError. 
+ * + * Side effects: + * None + * + *----------------------------------------------------------------------------- + */ + +VixError +VixPropertyList_SetBlobSensitive(VixPropertyListImpl *propList, // IN: + int propertyID, // IN: + int blobSize, // IN: + const unsigned char *value) // IN: +{ + VixError err = VIX_OK; + VixPropertyValue *property = NULL; + + if (NULL == propList) { + err = VIX_E_INVALID_ARG; + goto abort; } - property->isDirty = TRUE; + /* + * Find or create an entry for this property. + */ + err = VixPropertyList_FindProperty(propList, + propertyID, + VIX_PROPERTYTYPE_BLOB, + 0, + TRUE, + &property); + + if (VIX_OK == err) { + VixPropertyListSetBlobImpl(property, blobSize, value, TRUE); + } abort: - return(err); + return err; } // VixPropertyList_SetBlob @@ -1485,7 +1690,7 @@ abort: * This is a SHALLOW copy. It only copies the pointer, not what the * pointer references. * - * Value names are unique within a single proeprty list. + * Value names are unique within a single property list. * If a previous value with the same propertyID value already * existed in this property list, then it is replaced with the new * value. Otherwise, a new value is added. @@ -1531,7 +1736,7 @@ VixPropertyList_SetPtr(VixPropertyListImpl *propList, // IN property->isDirty = TRUE; abort: - return(err); + return err; } // VixPropertyList_SetPtr @@ -1568,7 +1773,7 @@ VixPropertyList_PropertyExists(VixPropertyListImpl *propList, // IN foundIt = TRUE; } - return(foundIt); + return foundIt; } // VixPropertyList_PropertyExists diff --git a/open-vm-tools/lib/include/vixOpenSource.h b/open-vm-tools/lib/include/vixOpenSource.h index 367c8cf81..c94e86f22 100644 --- a/open-vm-tools/lib/include/vixOpenSource.h +++ b/open-vm-tools/lib/include/vixOpenSource.h 
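Review bot: The new VixPropertyList_SetBlobSensitive ends on the pre-existing context line `} // VixPropertyList_SetBlob`, so the closing trailer now names the wrong function; it should read `} // VixPropertyList_SetBlobSensitive`. The same stale trailer closes VixPropertyList_SetStringSensitive in the @@ -920 hunk (`} // VixPropertyList_SetString`). The header comment of the blob variant also has the typo "Set sentivity", and its `Side effects: None` omits that a previously stored sensitive value is zeroed and freed.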
@@ -18,7 +18,7 @@ /* * This header file is given out as part of the open source - * tools. Things in this file are public, but they may not have + * tools. Things in this file are public, but they may not have * been tested or documented, and that may change in future releases. * The public Vix API is defined in vix.h * @@ -32,7 +32,7 @@ #ifdef __cplusplus extern "C"{ -#endif +#endif /* * VIX_HIDE_BORA_DEPENDENCIES: @@ -211,7 +211,7 @@ enum { * * VIX Handles -- * - * These are common functions that apply to handles of several types. + * These are common functions that apply to handles of several types. *----------------------------------------------------------------------------- */ @@ -299,7 +299,7 @@ enum { *----------------------------------------------------------------------------- */ -/* +/* * VIX Property Type */ @@ -392,7 +392,7 @@ VixError VixPropertyList_Deserialize(VixPropertyListImpl *propListImpl, const char *buffer, size_t bufferSize, VixPropertyListBadEncodingAction action); - + VixError VixPropertyList_DeserializeNoClobber(VixPropertyListImpl *propListImpl, const char *buffer, @@ -403,7 +403,11 @@ VixError VixPropertyList_GetString(struct VixPropertyListImpl *propList, int propertyID, int index, char **resultValue); - + +VixError VixPropertyList_SetStringSensitive(struct VixPropertyListImpl *propList, + int propertyID, + const char *value); + VixError VixPropertyList_SetString(struct VixPropertyListImpl *propList, int propertyID, const char *value); @@ -455,6 +459,11 @@ VixError VixPropertyList_SetBlob(struct VixPropertyListImpl *propList, int blobSize, const unsigned char *value); +VixError VixPropertyList_SetBlobSensitive(struct VixPropertyListImpl *propList, + int propertyID, + int blobSize, + const unsigned char *value); + VixError VixPropertyList_RemoveAll(VixHandle propertyListHandle); VixError VixPropertyList_Remove(VixHandle propertyListHandle, 
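Review bot: The two new declarations, VixPropertyList_SetStringSensitive and VixPropertyList_SetBlobSensitive, carry no comment telling callers when to pick them over the plain setters. From the .c changes in this commit, the plain setters keep whatever flag the property already has and the Sensitive variants force it on, so scrubbing is opt-in per call site. A short comment above each pair, e.g. `/* Use the Sensitive variant for secrets: the stored copy is flagged so it is zeroed before being freed. */`, would state that contract in the header. Whether existing callers that store secrets were switched over is not visible in this diff.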
@@ -463,7 +472,7 @@ VixError VixPropertyList_Remove(VixHandle propertyListHandle, VixError VixPropertyList_RemoveFromImpl(VixPropertyListImpl *propList, int propertyID); -VixError VixPropertyList_AppendProperties(VixHandle handle, +VixError VixPropertyList_AppendProperties(VixHandle handle, int firstPropertyID, ...); @@ -486,11 +495,11 @@ VixError VixPropertyListAppendProperty(VixPropertyListImpl *propList, int VixPropertyList_GetNumProperties(VixHandle propertyListHandle, int propertyID); -VixError VixPropertyList_GetOptionalProperties(VixHandle propertyListHandle, +VixError VixPropertyList_GetOptionalProperties(VixHandle propertyListHandle, int firstPropertyID, ...); -VixError VixPropertyList_GetIndexedProperties(VixHandle propertyListHandle, +VixError VixPropertyList_GetIndexedProperties(VixHandle propertyListHandle, Bool ignoreMissingProperties, int firstPropertyID, int firstPropertyIndex, @@ -509,6 +518,8 @@ int VixPropertyList_NumItems(VixPropertyListImpl *propList); Bool VixPropertyList_Empty(VixPropertyListImpl *propList); +void VixPropertyList_MarkAllSensitive(VixPropertyListImpl *propList); + #endif // VIX_HIDE_FROM_JAVA @@ -518,7 +529,7 @@ Bool VixPropertyList_Empty(VixPropertyListImpl *propList); * * VixVM -- * - * This describes the persistent configuration state of a single VM. The + * This describes the persistent configuration state of a single VM. The * VM may or may not be running. * *----------------------------------------------------------------------------- @@ -641,14 +652,14 @@ typedef enum VixRegValueDataType { * Use as: * * VIX_DEBUG(("test debug message: %s %d\n", stringArg, intArg)); - * + * * Output will go to logfile if VIX_DEBUG_PREFERENCE_NAME is non-zero * * VIX_DEBUG_LEVEL(3, ("test debug message: %s %d\n", stringArg, intArg)); * * Output will go to logfile if VIX_DEBUG_PREFERENCE_NAME is >= * the first argument to the macro. - * + * *----------------------------------------------------------------------------- */ 
@@ -728,7 +739,7 @@ extern VixError VixLogError(VixError err, const char *function, int line, #ifdef __cplusplus } // extern "C" { -#endif +#endif #endif // _VIXOpenSource_h_ diff --git a/open-vm-tools/lib/include/vm_product_versions.h b/open-vm-tools/lib/include/vm_product_versions.h index e0124b732..a17711710 100644 --- a/open-vm-tools/lib/include/vm_product_versions.h +++ b/open-vm-tools/lib/include/vm_product_versions.h @@ -345,7 +345,7 @@ # if defined(__APPLE__) # define PRODUCT_LICENSE_VERSION PRODUCT_MAC_DESKTOP_VERSION_STRING_FOR_LICENSE # else -# define PRODUCT_LICENSE_VERSION "9.0" +# define PRODUCT_LICENSE_VERSION "10.0" # endif # elif defined(VMX86_VPX) # define PRODUCT_LICENSE_VERSION "5.0" diff --git a/open-vm-tools/lib/include/vmci_sockets.h b/open-vm-tools/lib/include/vmci_sockets.h index e45e20ddd..7fa3d03b5 100644 --- a/open-vm-tools/lib/include/vmci_sockets.h +++ b/open-vm-tools/lib/include/vmci_sockets.h @@ -619,7 +619,7 @@ struct uuid_2_cid { static inline int VMCISock_GetAFValueFd(int *outFd) { int fd; - int family; + int family = -1; #if defined(linux) /*