HAVE_WRITABLE_ARGV is set if argv[] is writable on the system, and then

we attempt to hide some of the more sensitive command line arguments
2003-01-29 13:16:03 +00:00 · 2003-01-29 13:16:03 +00:00 · 7f67a28c2a
parent 30a46e1135
commit 7f67a28c2a
3 changed files with 38 additions and 0 deletions
--- a/configure.in
+++ b/configure.in
@ -318,6 +318,22 @@ if test -n "$RANDOM_FILE" ; then
        [a suitable file to read random data from])
 fi

+dnl **********************************************************************
+dnl Check if the operating system allows programs to write to their own argv[]
+dnl **********************************************************************
+
+AC_MSG_CHECKING([if argv can be written to])
+AC_TRY_RUN([
+int main(int argc, char ** argv) {
+	argv[0][0] = ' ';
+	return (argv[0][0] == ' ')?0:1;
+}
+	],
+	AC_DEFINE(HAVE_WRITABLE_ARGV, 1, [Define this symbol if your OS supports changing the contents of argv])
+	AC_MSG_RESULT(yes),
+	AC_MSG_RESULT(no)
+)
+
 dnl **********************************************************************
 dnl Check for the presence of Kerberos4 libraries and headers
 dnl **********************************************************************
--- a/src/config.h.in
+++ b/src/config.h.in
@ -35,3 +35,6 @@
 /* Define if you have the `poll' function. */
 #undef HAVE_POLL

+/* Define if you can write to argc[] strings */
+#undef HAVE_WRITABLE_ARGV
+
--- a/src/main.c
+++ b/src/main.c
@ -970,6 +970,21 @@ typedef enum {
  PARAM_LAST
 } ParameterError;

+static void cleanarg(char *str)
+{
+#ifdef HAVE_WRITABLE_ARGV
+  /* now that GetStr has copied the contents of nextarg, wipe the next
+   * argument out so that the username:password isn't displayed in the
+   * system process list */
+  if (str) {
+    size_t len = strlen(str);
+    memset(str, ' ', len);
+  }
+#else
+  (void)str;
+#endif
+}
+
 static ParameterError getparameter(char *flag, /* f or -long-flag */
                                   char *nextarg, /* NULL if unset */
                                   bool *usedarg, /* set to TRUE if the arg
@ -1398,6 +1413,7 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
        break;
      case 'e': /* private key passphrase */
        GetStr(&config->key_passwd, nextarg);
+        cleanarg(nextarg);
        break;
      case 'f': /* crypto engine */
        GetStr(&config->engine, nextarg);
@ -1432,6 +1448,7 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
            GetStr(&config->key_passwd, ptr);
          }
          GetStr(&config->cert, nextarg);
+          cleanarg(nextarg);
        }
      }
      break;
@ -1627,10 +1644,12 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
    case 'u':
      /* user:password  */
      GetStr(&config->userpwd, nextarg);
+      cleanarg(nextarg);
      break;
    case 'U':
      /* Proxy user:password  */
      GetStr(&config->proxyuserpwd, nextarg);
+      cleanarg(nextarg);
      break;
    case 'v':
      config->conf ^= CONF_VERBOSE; /* talk a lot */