From: Michael Poole Date: Sun, 7 Nov 2004 21:04:59 +0000 (+0000) Subject: Fix memory leaks from ircd_crypt and epoll support. X-Git-Url: http://git.pk910.de/?a=commitdiff_plain;h=920d7ed630551844ee38eb2dcf1f1af168f84c4f;p=ircu2.10.12-pk.git Fix memory leaks from ircd_crypt and epoll support. git-svn-id: file:///home/klmitch/undernet-ircu/undernet-ircu-svn/ircu2/trunk@1264 c9e4aea6-c8fd-4c43-8297-357d70d61c8c --- diff --git a/ChangeLog b/ChangeLog index 4c47782..1e04319 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,18 @@ +2004-11-07 Michael Poole + + * include/ircd_crypt.h (ircd_crypt): This should return char*, not + const char*, since it does not own the returned pointer. + + * ircd/ircd_crypt.c (ircd_crypt): Change return type. + + * ircd/ircd_crypt_smd5.c (irc_crypt_smd5): Make passwd a static + field since it is returned but this function must own the buffer. + + * ircd/m_oper.c (oper_password_match): Free the string returned by + ircd_crypt(). + + * ircd/engine_epoll.c (engine_loop): Fix a memory leak. + 2004-11-07 Michael Poole * acinclude.m4: Look for a 64-bit integer type. diff --git a/include/ircd_crypt.h b/include/ircd_crypt.h index 0e69a45..94d14b8 100644 --- a/include/ircd_crypt.h +++ b/include/ircd_crypt.h @@ -59,7 +59,7 @@ struct crypt_mechs_s { /* exported functions */ extern void ircd_crypt_init(void); -extern const char* ircd_crypt(const char* key, const char* salt); +extern char* ircd_crypt(const char* key, const char* salt); extern int ircd_crypt_register_mech(crypt_mech_t* mechanism); extern int ircd_crypt_unregister_mech(crypt_mech_t* mechanism); diff --git a/ircd/engine_epoll.c b/ircd/engine_epoll.c index ffee671..257e70d 100644 --- a/ircd/engine_epoll.c +++ b/ircd/engine_epoll.c @@ -314,6 +314,7 @@ engine_loop(struct Generators *gen) } timer_run(); } + MyFree(events); } /** Descriptor for dpoll event engine. */ diff --git a/ircd/ircd_crypt.c b/ircd/ircd_crypt.c index 98ee588..c96c564 100644 --- a/ircd/ircd_crypt.c +++ b/ircd/ircd_crypt.c @@ -121,13 +121,13 @@ return 0; /** Wrapper for generating a hashed password passed on the supplied password * @param key Pointer to the password we want crypted * @param salt Pointer to the password we're comparing to (for the salt) - * @return Pointer to the generated password. - * + * @return Pointer to the generated password (must be MyFree()'d). + * * This is a wrapper function which attempts to establish the password - * format and funnel it off to the correct mechanism handler function. The + * format and funnel it off to the correct mechanism handler function. The * returned password is compared in the oper_password_match() routine. */ -const char* ircd_crypt(const char* key, const char* salt) +char* ircd_crypt(const char* key, const char* salt) { char *hashed_pass = NULL; const char *temp_hashed_pass, *mysalt; diff --git a/ircd/ircd_crypt_smd5.c b/ircd/ircd_crypt_smd5.c index 68b78d8..af583ff 100644 --- a/ircd/ircd_crypt_smd5.c +++ b/ircd/ircd_crypt_smd5.c @@ -83,7 +83,8 @@ static void to64(char *s, unsigned long v, int n) const char* ircd_crypt_smd5(const char* key, const char* salt) { const char *magic = "$1$"; -char *passwd, *p; +static char passwd[120]; +char *p; const char *sp, *ep; unsigned char final[16]; int sl, pl, i, j; @@ -99,11 +100,6 @@ unsigned long l; /* Refine the Salt first */ ep = sp = salt; - if(NULL == (passwd = (char *)MyMalloc(120))) - return NULL; - - memset(passwd, 0, 120); - for (ep = sp; *ep && *ep != '$' && ep < (sp + 8); ep++) continue; @@ -140,9 +136,8 @@ unsigned long l; else MD5Update(&ctx, (unsigned const char *)key+j, 1); - /* Now make the output string - strcpy(passwd, magic); - strncat(passwd, sp, sl); */ + /* Now make the output string. */ + memset(passwd, 0, 120); strncpy(passwd, sp, sl); strcat(passwd, "$"); diff --git a/ircd/m_oper.c b/ircd/m_oper.c index 47ee825..d0e85a1 100644 --- a/ircd/m_oper.c +++ b/ircd/m_oper.c @@ -84,6 +84,7 @@ #include "client.h" #include "hash.h" #include "ircd.h" +#include "ircd_alloc.h" #include "ircd_features.h" #include "ircd_log.h" #include "ircd_reply.h" @@ -105,6 +106,8 @@ int oper_password_match(const char* to_match, const char* passwd) { + char *crypted; + int res; /* * use first two chars of the password they send in as salt * @@ -116,12 +119,13 @@ int oper_password_match(const char* to_match, const char* passwd) /* we no longer do a CRYPT_OPER_PASSWORD check because a clear text passwords just handled by a fallback mechanism called crypt_clear if it's enabled -- hikari */ - to_match = ircd_crypt(to_match, passwd); + crypted = ircd_crypt(to_match, passwd); if (to_match == NULL) return 0; - else - return (0 == strcmp(to_match, passwd)); + res = strcmp(crypted, passwd); + MyFree(crypted); + return 0 == res; } /*