From: Aki Tuomi
Date: Wed, 3 Jan 2024 11:05:49 +0000 (+0200)
Subject: lib-dcrypt: Use buffer_clear_space_safe() instead of buffer_set_used_size()
X-Git-Tag: 2.4.0~1844
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d3080efeef8052697fa02428aab3df96045ca796;p=thirdparty%2Fdovecot%2Fcore.git
lib-dcrypt: Use buffer_clear_space_safe() instead of buffer_set_used_size()
spatch change with buffer-clear-safe.cocci and manual fixes
---
diff --git a/coccinelle/buffer-clear-safe.cocci b/coccinelle/buffer-clear-safe.cocci
new file mode 100644
index 0000000000..3b66d0c54e
--- /dev/null
+++ b/coccinelle/buffer-clear-safe.cocci
@@ -0,0 +1,7 @@
+@@
+expression E;
+@@
+
+-safe_memset(buffer_get_modifiable_data(E, NULL), 0, E->used);
+-buffer_set_used_size(E, 0);
++buffer_clear_safe(E);
diff --git a/src/lib-dcrypt/dcrypt-openssl1.c b/src/lib-dcrypt/dcrypt-openssl1.c
index 812ae481a8..298f41b771 100644
--- a/src/lib-dcrypt/dcrypt-openssl1.c
+++ b/src/lib-dcrypt/dcrypt-openssl1.c
@@ -1018,8 +1018,7 @@ dcrypt_openssl_decrypt_point_v1(buffer_t *data, buffer_t *key, BIGNUM **point_r,
 dcrypt_openssl_ctx_sym_destroy(&dctx);
 *point_r = BN_bin2bn(tmp->data, tmp->used, NULL);
- safe_memset(buffer_get_modifiable_data(tmp, NULL), 0,tmp->used);
- buffer_set_used_size(key, 0);
+ buffer_clear_safe(key);
 if (*point_r == NULL)
 return dcrypt_openssl_error(error_r);
@@ -1050,8 +1049,7 @@ dcrypt_openssl_decrypt_point_ec_v1(struct dcrypt_private_key *dec_key,
 /* run it thru SHA256 once */
 unsigned char digest[SHA256_DIGEST_LENGTH];
 SHA256(secret->data, secret->used, digest);
- safe_memset(buffer_get_modifiable_data(secret, NULL), 0, secret->used);
- buffer_set_used_size(secret, 0);
+ buffer_clear_safe(secret);
 buffer_create_from_const_data(&key, digest, SHA256_DIGEST_LENGTH);
 /* then use this as key */
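Review bot: The new coccinelle/buffer-clear-safe.cocci rule carries no header comment and only matches a wipe-and-reset pair that names the same buffer `E` in both statements, so the bare `buffer_set_used_size(X, 0)` rewrites and the mixed-buffer sites elsewhere in this commit are the "manual fixes" and will not be reproduced by re-running it. A leading comment such as `// Replace an open-coded safe_memset() + buffer_set_used_size(E, 0) on the same buffer with buffer_clear_safe(E); sites that wipe one buffer and reset another need manual review` would record that scope. The subject line names buffer_clear_space_safe() while the rule and every hunk call buffer_clear_safe(); the two should agree.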
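Review bot: In the dcrypt_openssl_decrypt_point_v1 hunk (@@ -1018,8 +1018,7 @@) the removed pair wiped `tmp` and reset `key`, but the replacement `buffer_clear_safe(key);` touches only `key`, so `tmp`, the bytes just handed to BN_bin2bn() to build `*point_r`, is no longer zeroed. If `tmp` holds the decrypted point, as its use suggests, that material now stays in memory after the function returns; add `buffer_clear_safe(tmp);` ahead of the `*point_r == NULL` check and decide separately whether `key` should be wiped or merely reset. The same substitution appears in the dcrypt-openssl3.c hunk at @@ -1091,8 +1091,7 @@. The function body starts and ends outside the hunk, so how `tmp` is allocated and released is not visible here.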
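Review bot: The new `buffer_clear_safe(key)` in dcrypt_openssl_decrypt_point_v1 may end up applied to a buffer created over const data, because in the dcrypt_openssl_decrypt_point_ec_v1 hunk (@@ -1050,8 +1049,7 @@) `key` is built with `buffer_create_from_const_data(&key, digest, SHA256_DIGEST_LENGTH)` and the comment says it is then used as the key. The call that would pass it on is outside the hunk, so this is an inference; if it holds, the old code only reset the used size while the new code attempts a wipe, so confirm buffer_clear_safe() tolerates a const-data buffer or build `key` with `buffer_create_from_data()` so the wipe really reaches `digest`. Whether `digest` is zeroed before return is also not visible here. The same pairing exists in dcrypt-openssl3.c at @@ -1123,8 +1122,7 @@.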
@@ -1338,7 +1336,7 @@ dcrypt_openssl_load_private_key_dovecot_v2(struct dcrypt_private_key **key_r,
 peer_key = t_buffer_create(strlen(input[8])/2);
 secret = t_buffer_create(128);
- buffer_set_used_size(data, 0);
+ buffer_clear_safe(data);
 hex_to_binary(input[4], salt);
 hex_to_binary(input[8], peer_key);
 hex_to_binary(input[7], data);
@@ -1401,9 +1399,7 @@ dcrypt_openssl_load_private_key_dovecot_v2(struct dcrypt_private_key **key_r,
 RSA_free(rsa);
 return dcrypt_openssl_error(error_r);
 }
- safe_memset(buffer_get_modifiable_data(key_data, NULL),
- 0, key_data->used);
- buffer_set_used_size(key_data, 0);
+ buffer_clear_safe(key_data);
 EVP_PKEY *pkey = EVP_PKEY_new();
 if (pkey == NULL) {
 RSA_free(rsa);
@@ -1425,9 +1421,7 @@ dcrypt_openssl_load_private_key_dovecot_v2(struct dcrypt_private_key **key_r,
 return dcrypt_openssl_error(error_r);
 }
 EC_KEY *eckey = EC_KEY_new_by_curve_name(nid);
- safe_memset(buffer_get_modifiable_data(key_data, NULL),
- 0, key_data->used);
- buffer_set_used_size(key_data, 0);
+ buffer_clear_safe(key_data);
 BN_CTX *bnctx = BN_CTX_new();
 if (eckey == NULL || bnctx == NULL) {
 BN_free(point);
@@ -2291,7 +2285,7 @@ dcrypt_openssl_encrypt_private_key_dovecot(buffer_t *key, int enctype,
 peer_key->data, peer_key->used);
 str_append_c(destination, ':');
- buffer_set_used_size(peer_key, 0);
+ buffer_clear_safe(peer_key);
 if (!dcrypt_openssl_public_key_id(enc_key, "sha256", peer_key, error_r))
 return FALSE;
@@ -2390,7 +2384,7 @@ dcrypt_openssl_store_private_key_dovecot(struct dcrypt_private_key *key,
 /* append public key id */
 str_append_c(destination, ':');
- buffer_set_used_size(buf, 0);
+ buffer_clear_safe(buf);
 bool res = dcrypt_openssl_private_key_id(key, "sha256", buf, error_r);
 binary_to_hex_append(destination, buf->data, buf->used);
diff --git a/src/lib-dcrypt/dcrypt-openssl3.c b/src/lib-dcrypt/dcrypt-openssl3.c
index 91287fd252..267326a260 100644
--- a/src/lib-dcrypt/dcrypt-openssl3.c
+++ b/src/lib-dcrypt/dcrypt-openssl3.c
@@ -1091,8 +1091,7 @@ dcrypt_openssl_decrypt_point_v1(buffer_t *data, buffer_t *key, BIGNUM **point_r,
 dcrypt_openssl_ctx_sym_destroy(&dctx);
 *point_r = BN_bin2bn(tmp->data, tmp->used, NULL);
- safe_memset(buffer_get_modifiable_data(tmp, NULL), 0, tmp->used);
- buffer_set_used_size(key, 0);
+ buffer_clear_safe(key);
 if (*point_r == NULL)
 return dcrypt_openssl_error(error_r);
@@ -1123,8 +1122,7 @@ dcrypt_openssl_decrypt_point_ec_v1(struct dcrypt_private_key *dec_key,
 /* run it thru SHA256 once */
 unsigned char digest[SHA256_DIGEST_LENGTH];
 SHA256(secret->data, secret->used, digest);
- safe_memset(buffer_get_modifiable_data(secret, NULL), 0, secret->used);
- buffer_set_used_size(secret, 0);
+ buffer_clear_safe(secret);
 buffer_create_from_const_data(&key, digest, SHA256_DIGEST_LENGTH);
 /* then use this as key */
@@ -1370,7 +1368,7 @@ dcrypt_openssl_load_private_key_dovecot_v2(struct dcrypt_private_key **key_r,
 peer_key = t_buffer_create(strlen(input[8])/2);
 secret = t_buffer_create(128);
- buffer_set_used_size(data, 0);
+ buffer_clear_safe(data);
 hex_to_binary(input[4], salt);
 hex_to_binary(input[8], peer_key);
 hex_to_binary(input[7], data);
@@ -2247,7 +2245,7 @@ dcrypt_openssl_encrypt_private_key_dovecot(buffer_t *key, int enctype,
 peer_key->data, peer_key->used);
 str_append_c(destination, ':');
- buffer_set_used_size(peer_key, 0);
+ buffer_clear_safe(peer_key);
 if (!dcrypt_openssl_public_key_id(enc_key, "sha256", peer_key, error_r))
 return FALSE;
@@ -2344,7 +2342,7 @@ dcrypt_openssl_store_private_key_dovecot(struct dcrypt_private_key *key,
 /* append public key id */
 str_append_c(destination, ':');
- buffer_set_used_size(buf, 0);
+ buffer_clear_safe(buf);
 bool res = dcrypt_openssl_private_key_id(key, "sha256", buf, error_r);
 binary_to_hex_append(destination, buf->data, buf->used);
@@ -3085,7 +3083,7 @@ static void dcrypt_x962_remove_der(buffer_t *signature_r)
 if (len_s < len_r)
 buffer_append_c(new_sig, 0x0);
 buffer_append(new_sig, data + offset_s, len_s);
- buffer_set_used_size(signature_r, 0);
+ buffer_clear_safe(signature_r);
 buffer_append_buf(signature_r, new_sig, 0, new_sig->used);
 }
@@ -3112,7 +3110,7 @@ static bool dcrypt_x962_add_der(buffer_t *signature_r)
 sk_ASN1_TYPE_unshift(seq, t_s);
 unsigned char *ptr = NULL;
 len = i2d_ASN1_SEQUENCE_ANY(seq, &ptr);
- buffer_set_used_size(signature_r, 0);
+ buffer_clear_safe(signature_r);
 buffer_append(signature_r, ptr, len);
 OPENSSL_free(ptr);
 sk_ASN1_TYPE_free(seq);
diff --git a/src/lib-dcrypt/istream-decrypt.c b/src/lib-dcrypt/istream-decrypt.c
index b6c90b993f..416d67f788 100644
--- a/src/lib-dcrypt/istream-decrypt.c
+++ b/src/lib-dcrypt/istream-decrypt.c
@@ -671,8 +671,7 @@ i_stream_decrypt_header_contents(struct decrypt_istream *stream,
 stream->use_mac = FALSE;
 }
 /* destroy private key data */
- safe_memset(buffer_get_modifiable_data(keydata, 0), 0, keydata->used);
- buffer_set_used_size(keydata, 0);
+ buffer_clear_safe(keydata);
 return failed ? -1 : 1;
 }
@@ -900,9 +899,7 @@ i_stream_decrypt_read(struct istream_private *stream)
 continue;
 } else {
 /* clean up buffer */
- safe_memset(buffer_get_modifiable_data(dstream->buf, 0),
- 0, dstream->buf->used);
- buffer_set_used_size(dstream->buf, 0);
+ buffer_clear_safe(dstream->buf);
 i_stream_skip(stream->parent, hret);
 }
diff --git a/src/lib-dcrypt/ostream-encrypt.c b/src/lib-dcrypt/ostream-encrypt.c
index 7129ebdfbb..c31d31961c 100644
--- a/src/lib-dcrypt/ostream-encrypt.c
+++ b/src/lib-dcrypt/ostream-encrypt.c
@@ -513,7 +513,7 @@ o_stream_encrypt_sendv(struct ostream_private *stream,
 size_t bl, off = 0, len = iov[i].iov_len;
 const unsigned char *ptr = iov[i].iov_base;
 while(len > 0) {
- buffer_set_used_size(&buf, 0);
+ buffer_clear_safe(&buf);
 /* update can emite twice the size of input */
 bl = I_MIN(sizeof(ciphertext)/2, len);
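Review bot: In the dcrypt_x962_add_der hunk (@@ -3112,7 +3110,7 @@) `signature_r` is wiped before the result of `i2d_ASN1_SEQUENCE_ANY(seq, &ptr)` has been tested, and the i2d encoders return a negative value on failure. If `len` is not checked (its declaration and any later test are outside the hunk), a failed encode would hand that value and a NULL `ptr` to buffer_append() after the original signature is already gone. Testing the result first, e.g. `if (len <= 0) { sk_ASN1_TYPE_free(seq); return FALSE; }` adapted to `len`'s real type and to whatever else the function must release, keeps the input intact on the error path.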
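Review bot: In o_stream_encrypt_sendv (@@ -513,7 +513,7 @@) the `buffer_clear_safe(&buf);` sits at the top of the `while(len > 0)` loop, so every chunk written now pays for a wipe where the old code only reset the length. `buf` appears to wrap the `ciphertext` array (its setup is outside the hunk), which is output bound for the parent stream rather than secret material, so `buffer_set_used_size(&buf, 0);` looks sufficient on this path. If the wipe is intended, a one-line comment such as `/* wipe previous chunk: <reason> */` would say why. The same question applies to `buf` in the o_stream_encrypt_finalize hunk at @@ -591,7 +591,7 @@.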
@@ -591,7 +591,7 @@ o_stream_encrypt_finalize(struct ostream_private *stream)
 }
 /* write last mac bytes */
- buffer_set_used_size(buf, 0);
+ buffer_clear_safe(buf);
 if ((estream->flags & IO_STREAM_ENC_INTEGRITY_HMAC) == IO_STREAM_ENC_INTEGRITY_HMAC) {
 if (!dcrypt_ctx_hmac_final(estream->ctx_mac, buf, &error)) {