[Minor] Wipe memory in rspamadm

author Vsevolod Stakhov <vsevolod@highsecure.ru>

Wed, 1 May 2019 15:36:49 +0000 (16:36 +0100)

committer Vsevolod Stakhov <vsevolod@highsecure.ru>

Wed, 1 May 2019 15:36:49 +0000 (16:36 +0100)
author Vsevolod Stakhov <vsevolod@highsecure.ru>
Wed, 1 May 2019 15:36:49 +0000 (16:36 +0100)
committer Vsevolod Stakhov <vsevolod@highsecure.ru>
Wed, 1 May 2019 15:36:49 +0000 (16:36 +0100)
diff --git a/src/libserver/cfg_file.h b/src/libserver/cfg_file.h

index 278a0a466172537ec7c25277d1a0064eba346ade..8a1798b975aa4e7ebd4eeb6062c67892c3b82272 100644 (file)
--- a/src/libserver/cfg_file.h
+++ b/src/libserver/cfg_file.h
@@ -474,8 +474,9 @@ gboolean rspamd_parse_bind_line (struct rspamd_config *cfg,
  
  
  enum rspamd_config_init_flags {
-       RSPAMD_CONFIG_INIT_DEFAULT = 0,
-       RSPAMD_CONFIG_INIT_SKIP_LUA = (1 << 0)
+       RSPAMD_CONFIG_INIT_DEFAULT = 0u,
+       RSPAMD_CONFIG_INIT_SKIP_LUA = (1u << 0u),
+       RSPAMD_CONFIG_INIT_WIPE_LUA_MEM = (1u << 1u),
  };
  /**
   * Init default values
diff --git a/src/libserver/cfg_utils.c b/src/libserver/cfg_utils.c

index 84268dc73f1efd4449cd4724c1fd16fd53ca5866..308fb654e47fb0c7dff9985c438c9c3fd33d1b87 100644 (file)
--- a/src/libserver/cfg_utils.c
+++ b/src/libserver/cfg_utils.c
@@ -201,7 +201,7 @@ rspamd_config_new (enum rspamd_config_init_flags flags)
         cfg->max_word_len = DEFAULT_MAX_WORD;
  
         if (!(flags & RSPAMD_CONFIG_INIT_SKIP_LUA)) {
-               cfg->lua_state = rspamd_lua_init ();
+               cfg->lua_state = rspamd_lua_init (flags & RSPAMD_CONFIG_INIT_WIPE_LUA_MEM);
                 cfg->own_lua_state = TRUE;
                 cfg->lua_thread_pool = lua_thread_pool_new (cfg->lua_state);
         }
diff --git a/src/lua/lua_common.c b/src/lua/lua_common.c

index 81fac36403055b04f0c5a0159547f54bd216ffb5..b83b68bf0799f8f92fc432a206283a11292fe30e 100644 (file)
--- a/src/lua/lua_common.c
+++ b/src/lua/lua_common.c
@@ -870,12 +870,48 @@ lua_push_trace_data (lua_State *L)
  }
  #endif
  
+
+
+static void *
+rspamd_lua_wipe_realloc (void *ud,
+                                                void *ptr,
+                                                size_t osize,
+                                                size_t nsize) RSPAMD_ATTR_ALLOC_SIZE(4);
+static void *
+rspamd_lua_wipe_realloc (void *ud,
+                                                void *ptr,
+                                                size_t osize,
+                                                size_t nsize)
+{
+       if (nsize == 0) {
+               if (ptr) {
+                       rspamd_explicit_memzero (ptr, osize);
+               }
+
+               free (ptr);
+       }
+       else if (ptr == NULL) {
+               return malloc (nsize);
+       }
+       else {
+               return realloc (ptr, nsize);
+       }
+
+       return NULL;
+}
+
  lua_State *
-rspamd_lua_init ()
+rspamd_lua_init (bool wipe_mem)
  {
         lua_State *L;
  
-       L = luaL_newstate ();
+       if (wipe_mem) {
+               L = lua_newstate (rspamd_lua_wipe_realloc, NULL);
+       }
+       else {
+               L = luaL_newstate ();
+       }
+
         luaL_openlibs (L);
         luaopen_logger (L);
         luaopen_mempool (L);
@@ -984,7 +1020,7 @@ rspamd_init_lua_locked (struct rspamd_config *cfg)
         struct lua_locked_state *new;
  
         new = g_malloc0 (sizeof (struct lua_locked_state));
-       new->L = rspamd_lua_init ();
+       new->L = rspamd_lua_init (false);
         new->m = rspamd_mutex_new ();
  
         return new;
diff --git a/src/lua/lua_common.h b/src/lua/lua_common.h

index 5ff5cc8bf77689daeff37a908c8c83911a3ab740..a755bb90f516466034a55660a782edca518a64c7 100644 (file)
--- a/src/lua/lua_common.h
+++ b/src/lua/lua_common.h
@@ -165,7 +165,7 @@ gpointer rspamd_lua_check_class (lua_State *L, gint index, const gchar *name);
  /**
   * Initialize lua and bindings
   */
-lua_State *rspamd_lua_init (void);
+lua_State *rspamd_lua_init (bool wipe_mem);
  
  
  /**
diff --git a/src/rspamadm/rspamadm.c b/src/rspamadm/rspamadm.c

index f3760ce3e46c1b707d48d342d2e8af7eee54f20d..f4fabfc9fe1036643ed91cf4da2e6c32f35e6aad 100644 (file)
--- a/src/rspamadm/rspamadm.c
+++ b/src/rspamadm/rspamadm.c
@@ -370,7 +370,7 @@ main (gint argc, gchar **argv, gchar **env)
         ucl_vars = g_hash_table_new_full (rspamd_strcase_hash,
                 rspamd_strcase_equal, g_free, g_free);
         process_quark = g_quark_from_static_string ("rspamadm");
-       cfg = rspamd_config_new (RSPAMD_CONFIG_INIT_DEFAULT);
+       cfg = rspamd_config_new (RSPAMD_CONFIG_INIT_DEFAULT|RSPAMD_CONFIG_INIT_WIPE_LUA_MEM);
         cfg->libs_ctx = rspamd_init_libs ();
         rspamd_main = g_malloc0 (sizeof (*rspamd_main));
         rspamd_main->cfg = cfg;
diff --git a/test/rspamd_lua_test.c b/test/rspamd_lua_test.c

index ad40ef488ad5b1dab36e6c1a5f328906c40a4d3e..d2a5ba2f5d898da614c5d7d76f0718f6f1b3b9c8 100644 (file)
--- a/test/rspamd_lua_test.c
+++ b/test/rspamd_lua_test.c
@@ -58,7 +58,7 @@ traceback (lua_State *L)
  void
  rspamd_lua_test_func (void)
  {
-       lua_State *L = rspamd_lua_init ();
+       lua_State *L = rspamd_lua_init (false);
         gchar *rp, rp_buf[PATH_MAX], path_buf[PATH_MAX], *tmp, *dir, *pattern;
         const gchar *old_path;
         glob_t globbuf;
author	Vsevolod Stakhov <vsevolod@highsecure.ru>
	Wed, 1 May 2019 15:36:49 +0000 (16:36 +0100)
committer	Vsevolod Stakhov <vsevolod@highsecure.ru>
	Wed, 1 May 2019 15:36:49 +0000 (16:36 +0100)
src/libserver/cfg_file.h		patch \| blob \| blame \| history
src/libserver/cfg_utils.c		patch \| blob \| blame \| history
src/lua/lua_common.c		patch \| blob \| blame \| history
src/lua/lua_common.h		patch \| blob \| blame \| history
src/rspamadm/rspamadm.c		patch \| blob \| blame \| history
test/rspamd_lua_test.c		patch \| blob \| blame \| history