From 6e5847809c5c4c68f916fda4351c0b5e279915ed Mon Sep 17 00:00:00 2001 From: Szczepan Zalega Date: Fri, 14 Apr 2017 12:30:16 +0200 Subject: Security: exchange strdup with strndup Keep build directory (removed in earlier commit) Signed-off-by: Szczepan Zalega --- NK_C_API.cc | 10 ++++++---- NitrokeyManager.cc | 16 +++++++++------- build/.gitignore | 1 + 3 files changed, 16 insertions(+), 11 deletions(-) create mode 100644 build/.gitignore diff --git a/NK_C_API.cc b/NK_C_API.cc index 16099db..5d8c3f4 100644 --- a/NK_C_API.cc +++ b/NK_C_API.cc @@ -6,6 +6,8 @@ using namespace nitrokey; static uint8_t NK_last_command_status = 0; +static const int max_string_field_length = 100; + template T* duplicate_vector_and_clear(std::vector &v){ @@ -171,7 +173,7 @@ NK_C_API const char * NK_status() { auto m = NitrokeyManager::instance(); return get_with_string_result([&](){ string && s = m->get_status_as_string(); - char * rs = strdup(s.c_str()); + char * rs = strndup(s.c_str(), max_string_field_length); clear_string(s); return rs; }); @@ -181,7 +183,7 @@ NK_C_API const char * NK_device_serial_number(){ auto m = NitrokeyManager::instance(); return get_with_string_result([&](){ string && s = m->get_serial_number(); - char * rs = strdup(s.c_str()); + char * rs = strndup(s.c_str(), max_string_field_length); clear_string(s); return rs; }); @@ -195,7 +197,7 @@ NK_C_API const char * NK_get_hotp_code_PIN(uint8_t slot_number, const char *user auto m = NitrokeyManager::instance(); return get_with_string_result([&](){ string && s = m->get_HOTP_code(slot_number, user_temporary_password); - char * rs = strdup(s.c_str()); + char * rs = strndup(s.c_str(), max_string_field_length); clear_string(s); return rs; }); @@ -211,7 +213,7 @@ NK_C_API const char * NK_get_totp_code_PIN(uint8_t slot_number, uint64_t challen auto m = NitrokeyManager::instance(); return get_with_string_result([&](){ string && s = m->get_TOTP_code(slot_number, challenge, last_totp_time, last_interval, user_temporary_password); - char * rs = strdup(s.c_str()); + char * rs = strndup(s.c_str(), max_string_field_length); clear_string(s); return rs; }); diff --git a/NitrokeyManager.cc b/NitrokeyManager.cc index faeaf03..60c1a24 100644 --- a/NitrokeyManager.cc +++ b/NitrokeyManager.cc @@ -472,11 +472,13 @@ namespace nitrokey{ return get_slot_name(slot_number); } - const char * NitrokeyManager::get_slot_name(uint8_t slot_number) { + static const int max_string_field_length = 100; + + const char * NitrokeyManager::get_slot_name(uint8_t slot_number) { auto payload = get_payload(); payload.slot_number = slot_number; auto resp = GetSlotName::CommandTransaction::run(device, payload); - return strdup((const char *) resp.data().slot_name); + return strndup((const char *) resp.data().slot_name, max_string_field_length); } bool NitrokeyManager::first_authenticate(const char *pin, const char *temporary_password) { @@ -583,7 +585,7 @@ namespace nitrokey{ auto p = get_payload(); p.slot_number = slot_number; auto response = GetPasswordSafeSlotName::CommandTransaction::run(device, p); - return strdup((const char *) response.data().slot_name); + return strndup((const char *) response.data().slot_name, max_string_field_length); } bool NitrokeyManager::is_valid_password_safe_slot_number(uint8_t slot_number) const { return slot_number < 16; } @@ -593,7 +595,7 @@ namespace nitrokey{ auto p = get_payload(); p.slot_number = slot_number; auto response = GetPasswordSafeSlotLogin::CommandTransaction::run(device, p); - return strdup((const char *) response.data().slot_login); + return strndup((const char *) response.data().slot_login, max_string_field_length); } const char *NitrokeyManager::get_password_safe_slot_password(uint8_t slot_number) { @@ -601,7 +603,7 @@ namespace nitrokey{ auto p = get_payload(); p.slot_number = slot_number; auto response = GetPasswordSafeSlotPassword::CommandTransaction::run(device, p); - return strdup((const char *) response.data().slot_password); //FIXME use secure way + return strndup((const char *) response.data().slot_password, max_string_field_length); //FIXME use secure way } void NitrokeyManager::write_password_safe_slot(uint8_t slot_number, const char *slot_name, const char *slot_login, @@ -816,7 +818,7 @@ namespace nitrokey{ const char * NitrokeyManager::get_status_storage_as_string(){ auto p = stick20::GetDeviceStatus::CommandTransaction::run(device); - return strdup(p.data().dissect().c_str()); + return strndup(p.data().dissect().c_str(), max_string_field_length); } stick20::DeviceConfigurationResponsePacket::ResponsePayload NitrokeyManager::get_status_storage(){ @@ -826,7 +828,7 @@ namespace nitrokey{ const char * NitrokeyManager::get_SD_usage_data_as_string(){ auto p = stick20::GetSDCardOccupancy::CommandTransaction::run(device); - return strdup(p.data().dissect().c_str()); + return strndup(p.data().dissect().c_str(), max_string_field_length); } std::pair NitrokeyManager::get_SD_usage_data(){ diff --git a/build/.gitignore b/build/.gitignore new file mode 100644 index 0000000..72e8ffc --- /dev/null +++ b/build/.gitignore @@ -0,0 +1 @@ +* -- cgit v1.2.1