Zero memory holding PINs/passwords where trivially doable. Other places can pontentially hold passwords but in this patch we don't touch them if we're not sure, maybe we should. --- drivers/atmodem/call-barring.c | 19 ++++++++++++++----- drivers/atmodem/call-meter.c | 37 ++++++++++++++++++++++++++----------- src/ussd.c | 3 +++ 3 files changed, 43 insertions(+), 16 deletions(-) diff --git a/drivers/atmodem/call-barring.c b/drivers/atmodem/call-barring.c index f0ba18e..c659371 100644 --- a/drivers/atmodem/call-barring.c +++ b/drivers/atmodem/call-barring.c @@ -124,6 +124,7 @@ static void at_call_barring_set(struct ofono_modem *modem, const char *lock, struct cb_data *cbd = cb_data_new(modem, cb, data); char buf[64]; int len; + guint id; if (!cbd || strlen(lock) != 2 || (cls && !passwd)) goto error; @@ -138,8 +139,11 @@ static void at_call_barring_set(struct ofono_modem *modem, const char *lock, ",%i", cls); } - if (g_at_chat_send(at->parser, buf, none_prefix, - clck_set_cb, cbd, g_free) > 0) + id = g_at_chat_send(at->parser, buf, none_prefix, + clck_set_cb, cbd, g_free); + memset(buf, 0, len); + + if (id > 0) return; error: @@ -171,15 +175,20 @@ static void at_call_barring_set_passwd(struct ofono_modem *modem, struct at_data *at = ofono_modem_userdata(modem); struct cb_data *cbd = cb_data_new(modem, cb, data); char buf[64]; + guint id; + int len; if (!cbd || strlen(lock) != 2) goto error; - snprintf(buf, sizeof(buf), "AT+CPWD=\"%s\",\"%s\",\"%s\"", + len = snprintf(buf, sizeof(buf), "AT+CPWD=\"%s\",\"%s\",\"%s\"", lock, old_passwd, new_passwd); - if (g_at_chat_send(at->parser, buf, none_prefix, - cpwd_set_cb, cbd, g_free) > 0) + id = g_at_chat_send(at->parser, buf, none_prefix, + cpwd_set_cb, cbd, g_free); + memset(buf, 0, len); + + if (id > 0) return; error: diff --git a/drivers/atmodem/call-meter.c b/drivers/atmodem/call-meter.c index e7c55c3..cff27a5 100644 --- a/drivers/atmodem/call-meter.c +++ b/drivers/atmodem/call-meter.c @@ -175,14 +175,19 @@ static void at_cacm_set(struct ofono_modem *modem, const char *passwd, struct at_data *at = ofono_modem_userdata(modem); struct cb_data *cbd = cb_data_new(modem, cb, data); char buf[64]; + guint id; + int len; if (!cbd) goto error; - snprintf(buf, sizeof(buf), "AT+CACM=\"%s\"", passwd); + len = snprintf(buf, sizeof(buf), "AT+CACM=\"%s\"", passwd); - if (g_at_chat_send(at->parser, buf, none_prefix, - generic_set_cb, cbd, g_free) > 0) + id = g_at_chat_send(at->parser, buf, none_prefix, + generic_set_cb, cbd, g_free); + memset(buf, 0, len); + + if (id > 0) return; error: @@ -219,20 +224,25 @@ error: } } -static void at_camm_set(struct ofono_modem *modem, int accmax, const char *passwd, - ofono_generic_cb_t cb, void *data) +static void at_camm_set(struct ofono_modem *modem, int accmax, + const char *passwd, ofono_generic_cb_t cb, void *data) { struct at_data *at = ofono_modem_userdata(modem); struct cb_data *cbd = cb_data_new(modem, cb, data); char buf[64]; + guint id; + int len; if (!cbd) goto error; - sprintf(buf, "AT+CAMM=\"%06X\",\"%s\"", accmax, passwd); + len = sprintf(buf, "AT+CAMM=\"%06X\",\"%s\"", accmax, passwd); - if (g_at_chat_send(at->parser, buf, none_prefix, - generic_set_cb, cbd, g_free) > 0) + id = g_at_chat_send(at->parser, buf, none_prefix, + generic_set_cb, cbd, g_free); + memset(buf, 0, len); + + if (id > 0) return; error: @@ -313,15 +323,20 @@ static void at_cpuc_set(struct ofono_modem *modem, const char *currency, struct at_data *at = ofono_modem_userdata(modem); struct cb_data *cbd = cb_data_new(modem, cb, data); char buf[64]; + guint id; + int len; if (!cbd) goto error; - snprintf(buf, sizeof(buf), "AT+CPUC=\"%s\",\"%f\",\"%s\"", + len = snprintf(buf, sizeof(buf), "AT+CPUC=\"%s\",\"%f\",\"%s\"", currency, ppu, passwd); - if (g_at_chat_send(at->parser, buf, none_prefix, - generic_set_cb, cbd, g_free) > 0) + id = g_at_chat_send(at->parser, buf, none_prefix, + generic_set_cb, cbd, g_free); + memset(buf, 0, len); + + if (id > 0) return; error: diff --git a/src/ussd.c b/src/ussd.c index 97c3304..08b9b52 100644 --- a/src/ussd.c +++ b/src/ussd.c @@ -322,6 +322,9 @@ static gboolean recognized_control_string(struct ofono_modem *modem, if (recognized_passwd_change_string(modem, type, sc, sia, sib, sic, sid, dn, msg)) { ret = TRUE; + memset(sib, 0, strlen(sib)); + memset(sic, 0, strlen(sic)); + memset(sid, 0, strlen(sid)); goto out; } -- 1.6.0