From 1a961917c458b847fc27b1aa03a82b2b5605b4cb Mon Sep 17 00:00:00 2001 From: Vsevolod Stakhov Date: Wed, 1 May 2019 16:36:49 +0100 Subject: [PATCH] [Minor] Wipe memory in rspamadm --- src/libserver/cfg_file.h | 5 +++-- src/libserver/cfg_utils.c | 2 +- src/lua/lua_common.c | 42 ++++++++++++++++++++++++++++++++++++--- src/lua/lua_common.h | 2 +- src/rspamadm/rspamadm.c | 2 +- test/rspamd_lua_test.c | 2 +- 6 files changed, 46 insertions(+), 9 deletions(-) diff --git a/src/libserver/cfg_file.h b/src/libserver/cfg_file.h index 278a0a466..8a1798b97 100644 --- a/src/libserver/cfg_file.h +++ b/src/libserver/cfg_file.h @@ -474,8 +474,9 @@ gboolean rspamd_parse_bind_line (struct rspamd_config *cfg, enum rspamd_config_init_flags { - RSPAMD_CONFIG_INIT_DEFAULT = 0, - RSPAMD_CONFIG_INIT_SKIP_LUA = (1 << 0) + RSPAMD_CONFIG_INIT_DEFAULT = 0u, + RSPAMD_CONFIG_INIT_SKIP_LUA = (1u << 0u), + RSPAMD_CONFIG_INIT_WIPE_LUA_MEM = (1u << 1u), }; /** * Init default values diff --git a/src/libserver/cfg_utils.c b/src/libserver/cfg_utils.c index 84268dc73..308fb654e 100644 --- a/src/libserver/cfg_utils.c +++ b/src/libserver/cfg_utils.c @@ -201,7 +201,7 @@ rspamd_config_new (enum rspamd_config_init_flags flags) cfg->max_word_len = DEFAULT_MAX_WORD; if (!(flags & RSPAMD_CONFIG_INIT_SKIP_LUA)) { - cfg->lua_state = rspamd_lua_init (); + cfg->lua_state = rspamd_lua_init (flags & RSPAMD_CONFIG_INIT_WIPE_LUA_MEM); cfg->own_lua_state = TRUE; cfg->lua_thread_pool = lua_thread_pool_new (cfg->lua_state); } diff --git a/src/lua/lua_common.c b/src/lua/lua_common.c index 81fac3640..b83b68bf0 100644 --- a/src/lua/lua_common.c +++ b/src/lua/lua_common.c @@ -870,12 +870,48 @@ lua_push_trace_data (lua_State *L) } #endif + + +static void * +rspamd_lua_wipe_realloc (void *ud, + void *ptr, + size_t osize, + size_t nsize) RSPAMD_ATTR_ALLOC_SIZE(4); +static void * +rspamd_lua_wipe_realloc (void *ud, + void *ptr, + size_t osize, + size_t nsize) +{ + if (nsize == 0) { + if (ptr) { + rspamd_explicit_memzero (ptr, osize); + } + + free (ptr); + } + else if (ptr == NULL) { + return malloc (nsize); + } + else { + return realloc (ptr, nsize); + } + + return NULL; +} + lua_State * -rspamd_lua_init () +rspamd_lua_init (bool wipe_mem) { lua_State *L; - L = luaL_newstate (); + if (wipe_mem) { + L = lua_newstate (rspamd_lua_wipe_realloc, NULL); + } + else { + L = luaL_newstate (); + } + luaL_openlibs (L); luaopen_logger (L); luaopen_mempool (L); @@ -984,7 +1020,7 @@ rspamd_init_lua_locked (struct rspamd_config *cfg) struct lua_locked_state *new; new = g_malloc0 (sizeof (struct lua_locked_state)); - new->L = rspamd_lua_init (); + new->L = rspamd_lua_init (false); new->m = rspamd_mutex_new (); return new; diff --git a/src/lua/lua_common.h b/src/lua/lua_common.h index 5ff5cc8bf..a755bb90f 100644 --- a/src/lua/lua_common.h +++ b/src/lua/lua_common.h @@ -165,7 +165,7 @@ gpointer rspamd_lua_check_class (lua_State *L, gint index, const gchar *name); /** * Initialize lua and bindings */ -lua_State *rspamd_lua_init (void); +lua_State *rspamd_lua_init (bool wipe_mem); /** diff --git a/src/rspamadm/rspamadm.c b/src/rspamadm/rspamadm.c index f3760ce3e..f4fabfc9f 100644 --- a/src/rspamadm/rspamadm.c +++ b/src/rspamadm/rspamadm.c @@ -370,7 +370,7 @@ main (gint argc, gchar **argv, gchar **env) ucl_vars = g_hash_table_new_full (rspamd_strcase_hash, rspamd_strcase_equal, g_free, g_free); process_quark = g_quark_from_static_string ("rspamadm"); - cfg = rspamd_config_new (RSPAMD_CONFIG_INIT_DEFAULT); + cfg = rspamd_config_new (RSPAMD_CONFIG_INIT_DEFAULT|RSPAMD_CONFIG_INIT_WIPE_LUA_MEM); cfg->libs_ctx = rspamd_init_libs (); rspamd_main = g_malloc0 (sizeof (*rspamd_main)); rspamd_main->cfg = cfg; diff --git a/test/rspamd_lua_test.c b/test/rspamd_lua_test.c index ad40ef488..d2a5ba2f5 100644 --- a/test/rspamd_lua_test.c +++ b/test/rspamd_lua_test.c @@ -58,7 +58,7 @@ traceback (lua_State *L) void rspamd_lua_test_func (void) { - lua_State *L = rspamd_lua_init (); + lua_State *L = rspamd_lua_init (false); gchar *rp, rp_buf[PATH_MAX], path_buf[PATH_MAX], *tmp, *dir, *pattern; const gchar *old_path; glob_t globbuf; -- 2.39.5