diff options
author | sangwan.kwon <sangwan.kwon@samsung.com> | 2018-05-09 18:47:49 +0900 |
---|---|---|
committer | sangwan.kwon <sangwan.kwon@samsung.com> | 2018-05-09 18:49:48 +0900 |
commit | 892b814059ef1ef6e092a35cf5ad494378ed5cda (patch) | |
tree | 8f18fac11610da244dc244d02789228c295a72c6 | |
parent | 8444c5da5b228a68de38e914c24b685594fb567f (diff) | |
download | auth-fw-accepted/tizen_5.0_unified.tar.gz auth-fw-accepted/tizen_5.0_unified.tar.bz2 auth-fw-accepted/tizen_5.0_unified.zip |
Fix use-after-free bugsubmit/tizen_5.0/20181101.000003submit/tizen/20180509.100419accepted/tizen/unified/20180510.070817accepted/tizen/5.0/unified/20181102.020045tizen_5.0accepted/tizen_5.0_unified
Change-Id: I35ba8a8b687024311b40796a3ae3640f1b9cd71d
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
-rw-r--r-- | src/server/plugin/generic-backend/ipassword-file.h | 7 | ||||
-rw-r--r-- | src/server/plugin/sw-backend/password-file.h | 7 | ||||
-rw-r--r-- | src/server/plugin/tz-backend/password-file.h | 6 | ||||
-rw-r--r-- | src/server/service/include/password-manager.h | 4 | ||||
-rw-r--r-- | src/server/service/password-manager.cpp | 13 |
5 files changed, 33 insertions, 4 deletions
diff --git a/src/server/plugin/generic-backend/ipassword-file.h b/src/server/plugin/generic-backend/ipassword-file.h index c0d26eb..33246cf 100644 --- a/src/server/plugin/generic-backend/ipassword-file.h +++ b/src/server/plugin/generic-backend/ipassword-file.h @@ -28,8 +28,15 @@ namespace AuthPasswd { constexpr time_t PASSWORD_INFINITE_EXPIRATION_TIME = std::numeric_limits<time_t>::max(); struct IPasswordFile { + IPasswordFile() = default; virtual ~IPasswordFile() = default; + IPasswordFile(const IPasswordFile&) = delete; + IPasswordFile& operator=(const IPasswordFile&) = delete; + + IPasswordFile(IPasswordFile&&) = delete; + IPasswordFile& operator=(IPasswordFile&&) = delete; + virtual void writeMemoryToFile() const = 0; virtual void writeAttemptToFile() const = 0; diff --git a/src/server/plugin/sw-backend/password-file.h b/src/server/plugin/sw-backend/password-file.h index a5097e5..15f496b 100644 --- a/src/server/plugin/sw-backend/password-file.h +++ b/src/server/plugin/sw-backend/password-file.h @@ -60,6 +60,13 @@ namespace SWBackend { class PasswordFile : public IPasswordFile { public: PasswordFile(unsigned int user); + ~PasswordFile() = default; + + PasswordFile(const PasswordFile&) = delete; + PasswordFile& operator=(const PasswordFile&) = delete; + + PasswordFile(PasswordFile&&) = delete; + PasswordFile& operator=(PasswordFile&&) = delete; void writeMemoryToFile() const override; void writeAttemptToFile() const override; diff --git a/src/server/plugin/tz-backend/password-file.h b/src/server/plugin/tz-backend/password-file.h index 7749c91..16cc04b 100644 --- a/src/server/plugin/tz-backend/password-file.h +++ b/src/server/plugin/tz-backend/password-file.h @@ -26,6 +26,12 @@ class PasswordFile : public IPasswordFile { public: PasswordFile(unsigned int user); + PasswordFile(const PasswordFile&) = delete; + PasswordFile& operator=(const PasswordFile&) = delete; + + PasswordFile(PasswordFile&&) = delete; + PasswordFile& operator=(PasswordFile&&) = delete; + void writeMemoryToFile() const override; void writeAttemptToFile() const override; diff --git a/src/server/service/include/password-manager.h b/src/server/service/include/password-manager.h index b0b604a..a63ea5d 100644 --- a/src/server/service/include/password-manager.h +++ b/src/server/service/include/password-manager.h @@ -38,10 +38,10 @@ namespace AuthPasswd { class PasswordManager final { public: - typedef std::map<unsigned int, std::shared_ptr<IPasswordFile>> PasswordFileMap; + typedef std::map<unsigned int, IPasswordFile*> PasswordFileMap; PasswordManager(); - ~PasswordManager() = default; + ~PasswordManager(); //checking functions //no const in checkPassword, attempts are update diff --git a/src/server/service/password-manager.cpp b/src/server/service/password-manager.cpp index 73dbcc1..b42320f 100644 --- a/src/server/service/password-manager.cpp +++ b/src/server/service/password-manager.cpp @@ -69,10 +69,19 @@ PasswordManager::PasswordManager() m_pluginManager.loadFactory("PasswordFileFactory", m_factory); } +PasswordManager::~PasswordManager() +{ + PasswordFileMap::iterator iter; + for (iter = m_pwdFile.begin(); iter != m_pwdFile.end(); iter++) { + if (iter->second != nullptr) + delete iter->second; + } +} + void PasswordManager::addPassword(unsigned int user) { - std::shared_ptr<IPasswordFile> passwordFile((*m_factory)(user)); - m_pwdFile.insert(PasswordFileMap::value_type(user, passwordFile)); + IPasswordFile* passwordFile = (*m_factory)(user); + m_pwdFile[user] = passwordFile; } void PasswordManager::removePassword(unsigned int user) |