From 4da77dcb10c74c4f369d731addf19c6a065e0684 Mon Sep 17 00:00:00 2001 From: Julien Dessaux Date: Thu, 23 Aug 2018 14:07:58 +0200 Subject: Added address sanitization and fixed found bugs --- GNUmakefile | 8 +++++++- src/client.c | 3 ++- src/proxy.c | 21 +++++---------------- src/session.c | 5 ++--- 4 files changed, 16 insertions(+), 21 deletions(-) diff --git a/GNUmakefile b/GNUmakefile index 38004ed..00f18ad 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -1,5 +1,5 @@ CC=clang -DEBUG=-g +DEBUG=-g -fsanitize=address CFLAGS= ${DEBUG} -Wall -Werror -Wextra -Weverything -Wno-disabled-macro-expansion sources=$(wildcard src/*.c) @@ -22,6 +22,12 @@ clean: @sed -e 's/.*://' -e 's/\\$$//' < $*.d.tmp | fmt -1 | sed -e 's/^ *//' -e 's/$$/:/' >> $*.d @rm -f $*.d.tmp +# You must compile without -fsanitize=address to use valgrind valgrind: valgrind --leak-check=full --show-leak-kinds=all --trace-children=yes --suppressions=${HOME}/.valgrind_suppressions ./bastion #valgrind -v --leak-check=full --show-leak-kinds=all --trace-children=yes --suppressions=${HOME}/.valgrind_suppressions --gen-suppressions=yes ./bastion + +debug: + ASAN_OPTIONS=allow_user_segv_handler=true:detect_leaks=true:fast_unwind_on_malloc=0:check_initialization_order=1:suppressions=asan.supp \ + ASAN_SYMBOLIZER_PATH=/usr/lib/llvm-6.0/bin/llvm-symbolizer \ + ./bastion diff --git a/src/client.c b/src/client.c index 64df1eb..d7ecca6 100644 --- a/src/client.c +++ b/src/client.c @@ -139,6 +139,7 @@ struct client_channel_data_struct* client_dial(ssh_event event, struct proxy_cha } cdata->client_channel_cb = malloc(sizeof(*cdata->client_channel_cb)); + memset(cdata->client_channel_cb, 0, sizeof(*cdata->client_channel_cb)); cdata->client_channel_cb->userdata = cdata; cdata->client_channel_cb->channel_data_function = client_data_function; cdata->client_channel_cb->channel_eof_function = client_channel_eof_callback; 
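Review bot: Putting `-fsanitize=address` into DEBUG, which CFLAGS always includes, makes every build of bastion ASan-instrumented rather than only a debugging build; the valgrind comment in the next hunk already acknowledges the conflict. ASan's runtime is a bug-finding aid, not a hardening measure for a deployed service, and the instrumented binary is slower and larger, so the flag is better gated, e.g. `SANITIZE ?= -fsanitize=address` and `CFLAGS= ${DEBUG} ${SANITIZE} -Wall ...`, so that `make SANITIZE=` yields a plain build. Whether the link rule also receives the flag, which ASan requires, is not visible in this hunk.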
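Review bot: The new `debug` target hard-codes `ASAN_SYMBOLIZER_PATH=/usr/lib/llvm-6.0/bin/llvm-symbolizer` and points `suppressions=asan.supp` at a file this commit does not add (the diffstat lists only the four files shown), so on a machine with a different LLVM version or without that file the target does not work as written; I believe the ASan runtime refuses to start when a configured suppressions file cannot be read. Make the symbolizer overridable, `ASAN_SYMBOLIZER_PATH ?= /usr/lib/llvm-6.0/bin/llvm-symbolizer`, and either commit `asan.supp` (an empty file is fine) or drop the `suppressions=` entry until it exists.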
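Review bot: The `malloc` of `cdata->client_channel_cb` is still unchecked, so on allocation failure the new `memset` is now the line that dereferences NULL instead of the field stores below it. Zeroing the callback struct is the right idea; do it with `cdata->client_channel_cb = calloc(1, sizeof(*cdata->client_channel_cb));` and follow it with `if (cdata->client_channel_cb == NULL) goto channel_clean;` — the next hunk shows `channel_clean:` releasing `cdata->my_channel`, but whether that is the correct label at this point depends on the code between the two hunks, which is not in view. client_dial begins and ends outside this hunk.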
@@ -160,7 +161,7 @@ struct client_channel_data_struct* client_dial(ssh_event event, struct proxy_cha
 channel_clean:
 ssh_channel_free(cdata->my_channel);
 auth_clean:
- // TODO
+ // TODO when pubkey match implemented fix this
 //pubkey_nomatch_clean:
 ssh_string_free_char(hexa);
 pubkey_hash_clean:
diff --git a/src/proxy.c b/src/proxy.c
index bfeeed8..3bbecf3 100644
--- a/src/proxy.c
+++ b/src/proxy.c
@@ -104,7 +104,7 @@ static int proxy_subsystem_request(ssh_session session, ssh_channel channel,
 (void) channel;
 (void) subsystem;
 (void) userdata;
- return SSH_ERROR; // TODO
+ return SSH_ERROR; // TODO ssh subsystem request
 //if (ssh_channel_is_open(pdata->client_channel)) {
 //}
 }
@@ -190,21 +190,10 @@ void handle_proxy_session(ssh_event event, ssh_session session, ssh_channel my_c
 .channel_pty_window_change_function = proxy_pty_resize,
 .channel_exec_request_function = proxy_exec_request,
 .channel_subsystem_request_function = proxy_subsystem_request,
- /** This function will be called when a client requests agent
- * authentication forwarding.
- */
- //ssh_channel_auth_agent_req_callback channel_auth_agent_req_function;
- /** This function will be called when a client requests X11
- * forwarding.
- */
- //ssh_channel_x11_req_callback channel_x11_req_function;
- /** This function will be called when a client requests an environment
- * variable to be set.
- */
- /** This function will be called when the channel write is guaranteed
- * not to block.
- */
- // .channel_write_wontblock_function = proxy_channel_write_wontblock,
+ .channel_auth_agent_req_function = NULL,
+ .channel_x11_req_function = NULL,
+ .channel_env_request_function = NULL,
+ .channel_write_wontblock_function = NULL,
 };
 ssh_callbacks_init(&channel_cb);
 ssh_set_channel_callbacks(my_channel, &channel_cb);
diff --git a/src/session.c b/src/session.c
index 22d10de..1031f7d 100644
--- a/src/session.c
+++ b/src/session.c
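Review bot: The four explicit `= NULL` members in the `channel_cb` initializer are redundant, since a designated initializer already zero-fills every member that is not named, so the new lines add no behaviour and a reader may take them for placeholders still to be filled in. If the intent is to record that agent, X11 and environment requests are deliberately not offered through the proxy, a single comment above them says that more clearly, e.g. `// agent/X11/env forwarding intentionally not handled by the proxy`; otherwise the lines can simply go. handle_proxy_session starts and ends outside this hunk.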
@@ -30,7 +30,7 @@ static int auth_pubkey(ssh_session session, const char *user, // TODO check for an invite - ssh_key reference_key = ssh_key_new(); + ssh_key reference_key; ssh_pki_import_pubkey_base64(USER_RSA_PUBKEY, SSH_KEYTYPE_RSA, &reference_key); // TODO fetch all pubkeys from db if (!ssh_key_cmp(pubkey, reference_key, SSH_KEY_CMP_PUBLIC)) { sdata->authenticated = 1; @@ -41,8 +41,7 @@ static int auth_pubkey(ssh_session session, const char *user, return SSH_ERROR; } sdata->login_username = malloc(len+1); - memset(sdata->login_username, 0, len+1); - strncpy(sdata->login_username, user, len); + strncpy(sdata->login_username, user, len+1); return SSH_AUTH_SUCCESS; } else { ssh_key_free(reference_key); -- cgit v1.2.3
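Review bot: Removing `ssh_key_new()` fixes the leak, but `ssh_pki_import_pubkey_base64` is still unchecked, so when the import fails `reference_key` is now an uninitialised pointer that reaches `ssh_key_cmp` and, in the else branch of the next hunk, `ssh_key_free` — undefined behaviour inside the authentication decision, where a bad `USER_RSA_PUBKEY` should simply deny. Initialise and check it: `ssh_key reference_key = NULL;` followed by `if (ssh_pki_import_pubkey_base64(USER_RSA_PUBKEY, SSH_KEYTYPE_RSA, &reference_key) != SSH_OK) return SSH_AUTH_DENIED;`. auth_pubkey begins before this hunk and its body continues past it into the next one.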
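Review bot: `malloc(len+1)` is unchecked and the `strncpy` on the next line writes through the result; the removed `memset` had the same problem, so it is pre-existing, but it is worth fixing while the lines are being touched. `strncpy(..., len+1)` also only terminates the string if `strlen(user) <= len`, which depends on how `len` is derived above this hunk (not in view); `memcpy(sdata->login_username, user, len); sdata->login_username[len] = '\0';` makes the terminator explicit regardless. Any failure return added here must mirror what the success path does with `reference_key` (the else branch at the end of the hunk frees it, and the lines between the two hunks are not in view) and should clear `sdata->authenticated`, which the previous hunk sets to 1 before this allocation.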