Re: Build infrastructure for storing NTLM creds in kernel keyring

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 29 Jul 2010 17:52:35 +0400
"Igor Druzhinin" <jaxbrigs@xxxxxxxxx> wrote:

> Hello,
> I've created a mirror cifs-utils repository where is embedded cifscreds 
> utility. I've fixed a few bugs and added multilanguage support for it. Now 
> it is locale-dependent, but then I plan to use the UCS-2 encoding. You can 
> use the option --enable-cifscreds=yes of configure script to build 
> cifscreds. I've also moved resolve_host routine in a separate file and made 
> appropriate patches.
> 
> git://gitorious.org/cifs-utils/cifs-utils.git
> 
> Regards,
> Igor Druzhinin
> 

(cc'ing David Howells since he wrote most of the keyctl stuff and may be interested)

Sorry that it has taken me a while to review this, I've been a bit
swamped with work.

First, it looks like there are some problems with newlines. The new
files that were added seem to have CR+LF line terminators. There are
also quite a few whitespace problems in there -- spaces leading tabs,
etc. In general, we follow kernel coding style with cifs-utils, so
running your patches through checkpatch.pl in the kernel sources is a
good idea.

Also, I don't see much need for the MULTI_LANG ifdef's. Is there any
reason not to make it always use MULTI_LANG? If so, I'd remove the code
that's ifdef'ed out.

There are also several routines that seem to already be in libc. For
instance, wstrtolower seems to do the same thing as towlower. I'd
suggest using libc routines rather than rolling your own where possible.

On to the code...

----------------[snip]---------------
        /* find the best fit command */
        best = NULL;
        n = strnlen(argv[1], MAX_COMMAND_SIZE);

        for (cmd = commands; cmd->action; cmd++) {
                if (memcmp(cmd->name, argv[1], n) != 0)
                        continue;
----------------[snip]---------------

This looks a little dangerous. Sure, you're bounds checking the
strnlen, but think about what happens if someone passes in a long
string as the command:

memcmp("add", "reallylongcommandstring", strlen("reallylongcommandstring"));

That memcmp is going to walk off the end of "add". Depending on how the
memory is allocated, it could segfault.

In cifscreds_add:

                        if (keyctl(KEYCTL_SETPERM, key, KEY_POS_VIEW | KEY_POS_WRITE | \
                                   KEY_USR_VIEW | KEY_USR_WRITE) < 0)
                                fprintf(stderr, "error: Setting permissons on key\n");

...would it be safer to attempt to remove the key if we can't set perms
on it?

That's all I've got time to review at the moment. Have you made any
progress with the kernel piece for this?

Nice work so far!
-- 
Jeff Layton <jlayton@xxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-cifs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux