Date:      Sat, 12 Apr 2008 12:54:54 -0400
From:      Coleman Kane <cokane@FreeBSD.org>
To:        ports@FreeBSD.org
Cc:        imp@FreeBSD.org
Subject:   CFT: Fix crashing in security/seahorse port
Message-ID:  <1208019294.10093.16.camel@localhost>


--=-d00jM/pMQ226WAaWeYSs
Content-Type: text/plain
Content-Transfer-Encoding: 7bit

Hello ports people,

I'm attaching a patch that I've been working on to solve the problem of
the latest GNOME 2.22.x seahorse crashing (seahorse-agent,
seahorse-daemon, etc...) when the user is trying to use the keyring. The
problem arises because gnome-keyring attempts to use mlock() to
lock-down some secure memory for password storage, but this requires
superuser privileges on FreeBSD. Because of this, gnome-keyring returns
a NULL pointer when the alloc returns, but seahorse doesn't check this
value. It proceeds, instead, to attempt to use this pointer.

The patch will correct this behavior by checking the return value of a
small memory allocation to gnome_keyring_memory_try_alloc, during
process initialization. If the result is not a NULL pointer, then it
performs the desired remapping of the g_malloc, g_free, and other
functions so that they may use secure memory. If the return value is
NULL, then the remappings aren't performed and a warning is issued with
g_warning that informs the user that their seahorse system is using
unsecured memory for password storage.

I'd like to have some testers to ensure that it works fine in a more
general case, so send me your reports (and maybe copy gnome@ as well).
Unless it breaks something more, I'll commit it in the next couple days.

--
Coleman Kane


--=-d00jM/pMQ226WAaWeYSs
Content-Disposition: attachment; filename=security_seahorse-no-mlock.patch
Content-Type: text/x-patch; name=security_seahorse-no-mlock.patch;
	charset=UTF-8
Content-Transfer-Encoding: 7bit

diff --git a/security/seahorse/Makefile b/security/seahorse/Makefile
index a065a09..d5d417f 100644
--- a/security/seahorse/Makefile
+++ b/security/seahorse/Makefile
@@ -8,6 +8,7 @@
 
 PORTNAME=	seahorse
 PORTVERSION=	2.22.1
+PORTREVISION=	1
 CATEGORIES=	security gnome
 MASTER_SITES=	GNOME
 DIST_SUBDIR=	gnome2
diff --git a/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.c b/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.c
new file mode 100644
index 0000000..4a6300b
--- /dev/null
+++ b/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.c
@@ -0,0 +1,42 @@
+--- libseahorse/seahorse-secure-memory.c.orig	2008-04-12 12:09:58.000000000 -0400
++++ libseahorse/seahorse-secure-memory.c	2008-04-12 12:10:05.000000000 -0400
+@@ -97,13 +97,31 @@
+ void
+ seahorse_secure_memory_init ()
+ {
+-    GMemVTable vtable;
+-    
+-    memset (&vtable, 0, sizeof (vtable));
+-    vtable.malloc = switch_malloc;
+-    vtable.realloc = switch_realloc;
+-    vtable.free = switch_free;
+-    vtable.calloc = switch_calloc;
+-    g_mem_set_vtable (&vtable);
++    if (seahorse_try_gk_secure_memory() == TRUE) {
++        GMemVTable vtable;
++
++        memset (&vtable, 0, sizeof (vtable));
++        vtable.malloc = switch_malloc;
++        vtable.realloc = switch_realloc;
++        vtable.free = switch_free;
++        vtable.calloc = switch_calloc;
++        g_mem_set_vtable (&vtable);
++    } else {
++        g_warning ("Unable to allocate secure memory from gnome-keyring.\n");
++        g_warning ("Proceeding with insecure password memory instead.\n");
++    }
+ }
+ 
++gboolean
++seahorse_try_gk_secure_memory ()
++{
++    gpointer p;
++
++    p = gnome_keyring_memory_try_alloc (10);
++    if (p != NULL) {
++        gnome_keyring_memory_free (p);
++        return TRUE;
++    }
++
++    return FALSE;
++}
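Review bot: in seahorse_secure_memory_init(), the probe now calls gnome_keyring_memory_try_alloc() and gnome_keyring_memory_free() before g_mem_set_vtable(), while the comment in the header says init must run before any glib/gtk/gnome functions; please confirm the probe path makes no GLib allocation before the vtable is installed, or say in a comment why the ordering is safe. A 10-byte probe succeeding at start-up also does not guarantee that later, larger requests can be locked, so the allocation paths behind the vtable still need their own NULL handling. Smaller points: g_warning() appends a newline itself, so the trailing "\n" can go and the two calls can be one message; the definition uses `()` where the prototype uses `(void)`; and `== TRUE` can be dropped from the condition.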
diff --git a/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.h b/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.h
new file mode 100644
index 0000000..354b563
--- /dev/null
+++ b/security/seahorse/files/patch-libseahorse_seahorse-secure-memory.h
@@ -0,0 +1,11 @@
+--- libseahorse/seahorse-secure-memory.h.orig	2008-04-11 09:33:34.000000000 -0400
++++ libseahorse/seahorse-secure-memory.h	2008-04-11 09:34:12.000000000 -0400
+@@ -34,6 +34,7 @@
+     } while (0)
+ 
+ /* This must be called before any glib/gtk/gnome functions */
+-void    seahorse_secure_memory_init         (void);
++void     seahorse_secure_memory_init         (void);
++gboolean seahorse_try_gk_secure_memory      (void);
+ 
+ #endif /* _SEAHORSE_SECURE_MEMORY_H_ */
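Review bot: seahorse_try_gk_secure_memory() is added to the header directly under the existing comment "This must be called before any glib/gtk/gnome functions", so the comment now reads as applying to both prototypes; give the new prototype its own one-line comment stating what it returns. If nothing outside seahorse-secure-memory.c is meant to call it, consider making it static in the .c file (with a forward declaration above seahorse_secure_memory_init) instead of exporting it here.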

--=-d00jM/pMQ226WAaWeYSs--
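The failure mode described in the message (a locked-memory allocator that returns NULL when mlock() is refused) as a stand-alone C example. It is added here and is not part of the original e-mail, seahorse or gnome-keyring; the names lock_fn, secret_buf, secret_alloc, secret_free and deny_lock are hypothetical. It goes slightly beyond the patch by falling back per allocation instead of probing once at start-up.

```c
#define _DEFAULT_SOURCE 1   /* for MAP_ANON on glibc */
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>

/* Lock primitive: mlock(2) in real use; replaceable so a refusal can be simulated. */
typedef int (*lock_fn)(const void *addr, size_t len);

struct secret_buf { void *ptr; size_t len; int locked; };

/* Constructed stub: behaves like mlock() refusing an unprivileged caller. */
static int deny_lock(const void *addr, size_t len) { (void)addr; (void)len; return -1; }

/* Try page-locked memory first; on refusal fall back to ordinary heap memory
 * and record that fact, instead of handing the caller a NULL pointer. */
static int secret_alloc(struct secret_buf *b, size_t len, lock_fn lock)
{
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON, -1, 0);
    b->len = len;
    b->locked = (p != MAP_FAILED && lock(p, len) == 0);
    if (b->locked) { b->ptr = p; return 0; }
    if (p != MAP_FAILED) munmap(p, len);
    b->ptr = calloc(1, len);            /* unlocked: may be paged out to swap */
    return b->ptr ? 0 : -1;             /* callers must still check this */
}

/* Wipe through a volatile pointer so the compiler keeps the stores. */
static void secret_free(struct secret_buf *b)
{
    volatile unsigned char *v = b->ptr;
    for (size_t i = 0; v && i < b->len; i++) v[i] = 0;
    if (b->locked) { munlock(b->ptr, b->len); munmap(b->ptr, b->len); }
    else free(b->ptr);
    b->ptr = NULL;
}

int main(void)
{
    lock_fn locks[] = { mlock, deny_lock };  /* real call, then simulated refusal */
    for (int i = 0; i < 2; i++) {
        struct secret_buf b;
        if (secret_alloc(&b, 64, locks[i]) != 0) return 1;
        if (!b.locked) fprintf(stderr, "warning: secrets held in unlocked memory\n");
        secret_free(&b);
    }
    return 0;
}
```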



