Index: trunk/include/slib.h =================================================================== --- trunk/include/slib.h (revision 10) +++ trunk/include/slib.h (revision 11) @@ -147,6 +147,8 @@ */ void *sl_memset(void *s, int c, size_t n); +#if !defined(SH_REAL_SET) #undef memset #define memset sl_memset +#endif /* Index: trunk/src/sh_database.c =================================================================== --- trunk/src/sh_database.c (revision 10) +++ trunk/src/sh_database.c (revision 11) @@ -32,4 +32,6 @@ /* define this if you want to debug the Oracle database support */ /* #define DB_DEBUG */ + +#define SH_REAL_SET #include "samhain.h" Index: trunk/src/sh_error.c =================================================================== --- trunk/src/sh_error.c (revision 10) +++ trunk/src/sh_error.c (revision 11) @@ -802,5 +802,5 @@ { if (str == NULL) - memset(inet_peer, '\0', SH_MINIBUF); + inet_peer[0] = '\0'; else sl_strlcpy(inet_peer, str, SH_MINIBUF); Index: trunk/src/sh_forward.c =================================================================== --- trunk/src/sh_forward.c (revision 10) +++ trunk/src/sh_forward.c (revision 11) @@ -249,5 +249,4 @@ else { - memset (name_2, 0, SH_MINIBUF+1); first = name; while (i < SH_MINIBUF && *first != '.' && *first != '\0') @@ -256,5 +255,5 @@ ++first; ++i; } - name_2[SH_MINIBUF] = '\0'; + name_2[i] = '\0'; } } @@ -2071,5 +2070,6 @@ - +static char zap_challenge[SH_CHALLENGE_SIZE] = { 0 }; + void sh_forward_do_free (sh_conn_t * conn) { @@ -2101,5 +2101,5 @@ conn->fd = -1; } - memset(conn->challenge, '\0', SH_CHALLENGE_SIZE); + memcpy(conn->challenge, zap_challenge, SH_CHALLENGE_SIZE); conn->state = CONN_FREE; conn->headcount = 0; @@ -2118,5 +2118,9 @@ conn->FileLength = 0; conn->FileSent = 0; - memset(conn->FileType, '\0', 5); + conn->FileType[0] = '\0'; + conn->FileType[1] = '\0'; + conn->FileType[2] = '\0'; + conn->FileType[3] = '\0'; + conn->FileType[4] = '\0'; --server_status.conn_open; Index: trunk/src/sh_mem.c =================================================================== --- trunk/src/sh_mem.c (revision 10) +++ trunk/src/sh_mem.c (revision 11) @@ -32,4 +32,6 @@ #endif +#define SH_REAL_SET + #include "samhain.h" #include "sh_error.h" Index: trunk/src/sh_tiger0.c =================================================================== --- trunk/src/sh_tiger0.c (revision 10) +++ trunk/src/sh_tiger0.c (revision 11) @@ -422,6 +422,20 @@ int md5Reset(register md5Param* p) { + unsigned int i; memcpy(p->h, md5hinit, 16); - memset(p->data, 0x00, 64); + + for (i = 0; i < 16; i += 8) + { + p->data[i] = 0x00; + p->data[i+1] = 0x00; + p->data[i+2] = 0x00; + p->data[i+3] = 0x00; + p->data[i+4] = 0x00; + p->data[i+5] = 0x00; + p->data[i+6] = 0x00; + p->data[i+7] = 0x00; + } + + /* memset(p->data, 0x00, 64); */ p->offset = (uint8) 0; p->nblocks = 0; @@ -1527,5 +1541,6 @@ SL_ENTER(_("sh_tiger_hash_uint32")); - memset(out, 0, 6 * sizeof(UINT32)); + out[0] = 0; out[1] = 0; out[2] = 0; + out[3] = 0; out[4] = 0; out[5] = 0; res = sh_tiger_hash_val (filename, what, Length, 0); Index: trunk/src/sh_tools.c =================================================================== --- trunk/src/sh_tools.c (revision 10) +++ trunk/src/sh_tools.c (revision 11) @@ -78,4 +78,6 @@ #endif +#define SH_REAL_SET + #include "samhain.h" #include "sh_mem.h" @@ -121,9 +123,10 @@ char * sh_tools_safe_name (const char * instr, int flag) { + static char ctest = ~('\\'|'&'|'='|'\''); unsigned char c; const char * p; char tmp[4]; char * outstr; - int len; + int len = 1; int i = 0; unsigned char val_octal = '\0'; @@ -133,6 +136,4 @@ if (instr) len = (3 * strlen(instr)) + 4; - else - len = 1; outstr = SH_ALLOC(len); @@ -143,5 +144,12 @@ p = instr; - while (p && *p) +#if !defined(SH_USE_XML) + (void) flag; /* fix compiler warning */ +#endif + + if (!p) + goto end; + + while (*p) { c = *p; @@ -154,39 +162,41 @@ #ifdef SH_USE_XML - if (flag == 1 && (*p) == '"') - { - sprintf(&outstr[i], "=%02x", c); i+=3; ++p; /* known to fit */ - continue; - } - else if (flag == 1 && (*p) == '&') - { - sprintf(&outstr[i], "=%02x", c); i+=3; ++p; /* known to fit */ - continue; - } - else if (flag == 1 && (*p) == '<') - { /* left angle */ - sprintf(&outstr[i], "=%02x", c); i+=3; ++p; /* known to fit */ - continue; - } - else if (flag == 1 && (*p) == '>') - { /* right angle */ - sprintf(&outstr[i], "=%02x", c); i+=3; ++p; /* known to fit */ - continue; + if (flag == 1) + { + if ((*p) == '"') + { + sprintf(&outstr[i], "=%02x", c);i+=3; ++p; /* known to fit */ + continue; + } + else if ((*p) == '&') + { + sprintf(&outstr[i], "=%02x", c);i+=3; ++p; /* known to fit */ + continue; + } + else if ((*p) == '<') + { /* left angle */ + sprintf(&outstr[i], "=%02x", c);i+=3; ++p; /* known to fit */ + continue; + } + else if ((*p) == '>') + { /* right angle */ + sprintf(&outstr[i], "=%02x", c);i+=3; ++p; /* known to fit */ + continue; + } } -#else - (void) flag; /* fix compiler warning */ -#endif - - if ( (*p) != '\\' && (*p) != '&' && (*p) != '=' && (*p) != '\'') +#endif + + /* if ( (*p) != '\\' && (*p) != '&' && (*p) != '=' && (*p) != '\'') */ + if (((*p) & ctest) != 0) { + outstr[i] = *p; ++i; + ++p; + if (c < 31 || c > 126) { - sprintf(&outstr[i], "=%02x", c); i+=3; ++p;/* known to fit */ + --i; + sprintf(&outstr[i], "=%02x", c); /* known to fit */ } - else - { - outstr[i] = *p; - ++i; ++p; - } + continue; } @@ -272,5 +282,5 @@ } } - else /* *p == '&' */ + else if (*p == '&') { ++p; @@ -303,6 +313,13 @@ outstr[i] = '&'; ++i; } - } + } + else + { + outstr[i] = *p; ++i; + ++p; + } } /* while (p && *p) */ + + end: outstr[i] = '\0'; Index: trunk/src/sh_utils.c =================================================================== --- trunk/src/sh_utils.c (revision 10) +++ trunk/src/sh_utils.c (revision 11) @@ -527,4 +527,10 @@ (char)0x36, (char)0x36, (char)0x36, (char)0x36, (char)0x36, (char)0x36 }; + static char zap[KEY_BLOCK] = { + (char)0x00, (char)0x00, (char)0x00, (char)0x00, (char)0x00, (char)0x00, + (char)0x00, (char)0x00, (char)0x00, (char)0x00, (char)0x00, (char)0x00, + (char)0x00, (char)0x00, (char)0x00, (char)0x00, (char)0x00, (char)0x00, + (char)0x00, (char)0x00, (char)0x00, (char)0x00, (char)0x00, (char)0x00 + }; char K[KEY_BLOCK]; char outer[KEY_BLOCK]; @@ -546,5 +552,5 @@ } - memset (K, 0x00, KEY_BLOCK); + memcpy (K, zap, KEY_BLOCK); if (sh_util_hextobinary (K, hexkey, KEY_LEN) < 0) @@ -773,28 +779,32 @@ * input for a one-way hash function. */ +UINT32 taus_svec[6]; + UINT32 taus_get (void *state1, void *state2, void *state3) { - UINT32 svec[6]; UINT32 retval; UINT32 * res; register int i; - svec[0] = taus_get_long (state1); - svec[1] = taus_get_long (state2); - svec[2] = taus_get_long (state3); - svec[3] = taus_get_long (state1); - svec[4] = taus_get_long (state2); - svec[5] = taus_get_long (state3); - - res = sh_tiger_hash_uint32 ( (char *) &svec[0], + taus_svec[0] = taus_get_long (state1); + taus_svec[1] = taus_get_long (state2); + taus_svec[2] = taus_get_long (state3); + taus_svec[3] = taus_get_long (state1); + taus_svec[4] = taus_get_long (state2); + taus_svec[5] = taus_get_long (state3); + + res = sh_tiger_hash_uint32 ( (char *) &taus_svec[0], TIGER_DATA, (unsigned long)(6 * sizeof(UINT32))); for (i = 1; i < KEY_BYT/4; ++i) - res[0] ^= res[i]; + { + res[0] ^= res[i]; + res[i] = 0; + } retval = res[0]; - memset (res, 0, KEY_BYT); - memset (svec, 0, 6 * sizeof(UINT32)); + taus_svec[0] = 0; taus_svec[1] = 0; taus_svec[2] = 0; + taus_svec[3] = 0; taus_svec[4] = 0; taus_svec[5] = 0; return retval;