Skip to content

Commit

Permalink
Use secure_strdup for trimming
Browse files Browse the repository at this point in the history
  • Loading branch information
paolostivanin committed Nov 15, 2021
1 parent 0956d0d commit 9e4aaab
Show file tree
Hide file tree
Showing 8 changed files with 31 additions and 21 deletions.
24 changes: 19 additions & 5 deletions src/common/common.c
Original file line number Diff line number Diff line change
Expand Up @@ -99,17 +99,31 @@ json_object_get_hash (json_t *obj)
return hash;
}

void
g_trim_whitespace (gchar *str)
gchar *
secure_strdup (const gchar *src)
{
gchar *sec_buf = gcry_calloc_secure (strlen (src) + 1, 1);
memcpy (sec_buf, src, strlen (src) + 1);

return sec_buf;
}


gchar *
g_trim_whitespace (const gchar *str)
{
if (g_utf8_strlen (str, -1) == 0) {
return;
return NULL;
}
gchar *sec_buf = gcry_calloc_secure (strlen (str) + 1, 1);
int pos = 0;
for (int i = 0; str[i]; i++) {
if (str[i] != ' ') {
str[pos++] = str[i];
sec_buf[pos++] = str[i];
}
}
str[pos] = '\0';
sec_buf[pos] = '\0';
gcry_realloc (sec_buf, g_utf8_strlen(sec_buf, -1) + 1);

return sec_buf;
}
4 changes: 3 additions & 1 deletion src/common/common.h
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,8 @@ guint32 jenkins_one_at_a_time_hash (const gchar *key,

guint32 json_object_get_hash (json_t *obj);

void g_trim_whitespace (gchar *str);
gchar *secure_strdup (const gchar *src);

gchar *g_trim_whitespace (const gchar *str);

G_END_DECLS
10 changes: 0 additions & 10 deletions src/gui-common.c
Original file line number Diff line number Diff line change
Expand Up @@ -26,16 +26,6 @@ get_row_number_from_iter (GtkListStore *list_store,
}


gchar *
secure_strdup (const gchar *src)
{
gchar *sec_buf = gcry_calloc_secure (strlen (src) + 1, 1);
memcpy (sec_buf, src, strlen (src) + 1);

return sec_buf;
}


json_t *
build_json_obj (const gchar *type,
const gchar *acc_label,
Expand Down
2 changes: 0 additions & 2 deletions src/gui-common.h
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,6 @@ void icon_press_cb (GtkEntry *entry,
guint get_row_number_from_iter (GtkListStore *list_store,
GtkTreeIter iter);

gchar *secure_strdup (const gchar *src);

json_t *build_json_obj (const gchar *type,
const gchar *acc_label,
const gchar *acc_iss,
Expand Down
9 changes: 6 additions & 3 deletions src/parse-data.c
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
#include <gtk/gtk.h>
#include <string.h>
#include <jansson.h>
#include <gcrypt.h>
#include "otpclient.h"
#include "db-misc.h"
#include "manual-add-cb.h"
Expand Down Expand Up @@ -47,9 +48,9 @@ parse_user_data (Widgets *widgets,
const gchar *counter = gtk_entry_get_text (GTK_ENTRY (widgets->counter_entry));
gboolean period_active = gtk_widget_get_sensitive (widgets->period_entry);
gboolean counter_active = gtk_widget_get_sensitive (widgets->counter_entry);
g_trim_whitespace (acc_key);
if (is_input_valid (widgets->dialog, acc_label, acc_iss, acc_key, digits, period, period_active, counter, counter_active)) {
obj = get_json_obj (widgets, acc_label, acc_iss, acc_key, digits, period, counter);
gchar *acc_key_trimmed = g_trim_whitespace (acc_key);
if (is_input_valid (widgets->dialog, acc_label, acc_iss, acc_key_trimmed, digits, period, period_active, counter, counter_active)) {
obj = get_json_obj (widgets, acc_label, acc_iss, acc_key_trimmed, digits, period, counter);
guint32 hash = json_object_get_hash (obj);
if (g_slist_find_custom (db_data->objects_hash, GUINT_TO_POINTER (hash), check_duplicate) == NULL) {
db_data->objects_hash = g_slist_append (db_data->objects_hash, g_memdupX (&hash, sizeof (guint)));
Expand All @@ -58,8 +59,10 @@ parse_user_data (Widgets *widgets,
g_print ("[INFO] Duplicate element not added\n");
}
} else {
gcry_free (acc_key_trimmed);
return FALSE;
}
gcry_free (acc_key_trimmed);
return TRUE;
}

Expand Down
1 change: 1 addition & 0 deletions src/password-cb.c
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
#include "message-dialogs.h"
#include "get-builder.h"
#include "otpclient.h"
#include "common/common.h"

typedef struct _entrywidgets {
GtkWidget *entry_old;
Expand Down
1 change: 1 addition & 0 deletions src/qrcode-parser.c
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
#include <png.h>
#include <glib/gstdio.h>
#include "gui-common.h"
#include "common/common.h"

typedef struct _image_data_t {
gulong width;
Expand Down
1 change: 1 addition & 0 deletions src/webcam-add-cb.c
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
#include "message-dialogs.h"
#include "add-common.h"
#include "get-builder.h"
#include "common/common.h"


typedef struct _config_data {
Expand Down

0 comments on commit 9e4aaab

Please sign in to comment.