Bug Debug 242407. Check size of passcode before allocating memory.
Fix RemoveSecret offsets + Debug statements.
This commit is contained in:
parent
2267f07397
commit
d262d18b6f
@ -61,12 +61,16 @@ namespace sscs.verbs
|
||||
// get destroy flag
|
||||
int iDestroySrcCache = BitConverter.ToInt32(inBuf, 38);
|
||||
|
||||
CSSSLogger.DbgLog(" SRC LUID found: " + luidHigh.ToString() + ":"+ luidLow.ToString());
|
||||
CSSSLogger.DbgLog("Target LUID found: " + targetLuidHigh.ToString() +":" + targetLuidLow.ToString());
|
||||
|
||||
|
||||
#if W32
|
||||
// only allow the merge if the calling process is "System"
|
||||
WinUserIdentifier callingUser = (WinUserIdentifier)userId;
|
||||
if ((callingUser.GetUIDLow() == 999) && (callingUser.GetUIDHigh() == 0))
|
||||
{
|
||||
CSSSLogger.DbgLog("Caller is system process");
|
||||
|
||||
// get the store for the src
|
||||
try
|
||||
@ -97,6 +101,7 @@ namespace sscs.verbs
|
||||
}
|
||||
else
|
||||
{
|
||||
CSSSLogger.DbgLog("Caller is NOT system process, Merge not allowed!");
|
||||
retCode = IPCRetCodes.SSCS_E_INVALID_INPUT;
|
||||
}
|
||||
#else
|
||||
|
@ -167,7 +167,7 @@ namespace sscs.verbs
|
||||
{
|
||||
secret = keyChain.GetSecret(secretId);
|
||||
KeyValue kv = secret.GetKeyValue(key);
|
||||
if (kv != null)
|
||||
if ((kv != null) && (kv.GetValue().Length > 0))
|
||||
{
|
||||
string valStr = secret.GetKeyValue(key).GetValue();
|
||||
val = Encoding.UTF8.GetBytes(valStr);
|
||||
|
@ -103,11 +103,14 @@ namespace sscs.verbs
|
||||
byte[] secretIdArr = new byte[secretIdLen];
|
||||
Array.Copy(inBuf,(10+keyChainIdLen+4),secretIdArr,0,secretIdLen);
|
||||
secretId = Encoding.UTF8.GetString(secretIdArr);
|
||||
|
||||
|
||||
CSSSLogger.DbgLog("Deleting secret id: " + secretId);
|
||||
|
||||
try
|
||||
{
|
||||
{
|
||||
CSSSLogger.DbgLog("Looking for extention");
|
||||
// get extension ID
|
||||
int extLocation = 14 + ((int)keyChainIdLen) + ((int)secretIdLen);
|
||||
int extLocation = 18 + ((int)keyChainIdLen) + ((int)secretIdLen);
|
||||
extId = BitConverter.ToUInt32(inBuf, extLocation);
|
||||
}
|
||||
catch (Exception)
|
||||
@ -122,8 +125,11 @@ namespace sscs.verbs
|
||||
// This is how the Login Capture module on windows, running as System, sets the Desktop Credential.
|
||||
// we might be able to change this if/when we abstract the session.
|
||||
// [4 byte extID][4 byte length][4 byte luidLow][4 byte luidHigh]
|
||||
luidLow = BitConverter.ToInt32(inBuf, 14 + ((int)keyChainIdLen)+((int)secretIdLen) + 8);
|
||||
luidHigh = BitConverter.ToInt32(inBuf, 14 + ((int)keyChainIdLen)+((int)secretIdLen) + 12);
|
||||
luidLow = BitConverter.ToInt32(inBuf, 18 + ((int)keyChainIdLen)+((int)secretIdLen) + 8);
|
||||
luidHigh = BitConverter.ToInt32(inBuf, 18 + ((int)keyChainIdLen)+((int)secretIdLen) + 12);
|
||||
|
||||
CSSSLogger.DbgLog("Extension found: " + luidHigh.ToString() + ":" + luidLow.ToString());
|
||||
|
||||
tempUserId = new WinUserIdentifier(luidLow, luidHigh);
|
||||
SecretStore ss = SessionManager.CreateUserSession(tempUserId);
|
||||
try
|
||||
|
@ -78,31 +78,39 @@ namespace sscs.verbs
|
||||
throw new FormatException(" MsgLen sent does not match the length of the message received.");
|
||||
passcodeType = BitConverter.ToUInt32(inBuf,6);
|
||||
passcodeLen = BitConverter.ToUInt32(inBuf,10);
|
||||
byte[] tempArr = new byte[passcodeLen];
|
||||
Array.Copy(inBuf,14,tempArr,0,passcodeLen);
|
||||
passcode = Encoding.UTF8.GetString(tempArr);
|
||||
// Message Format decipher - End
|
||||
|
||||
try
|
||||
{
|
||||
SecretStore ssStore = null;
|
||||
ssStore = SessionManager.GetUserSecretStore(userId);
|
||||
ssStore.PauseFileWatcher();
|
||||
if(ssStore.SetMasterPasscode(passcode))
|
||||
retCode = IPCRetCodes.SSCS_REPLY_SUCCESS;
|
||||
else
|
||||
retCode = IPCRetCodes.SSCS_E_SETTING_PASSCODE_FAILED;
|
||||
ssStore.ResumeFileWatcher();
|
||||
}
|
||||
catch(UserNotInSessionException)
|
||||
|
||||
if (passcodeLen < 64)
|
||||
{
|
||||
CSSSLogger.DbgLog("In " + CSSSLogger.GetExecutionPath(this) + " Unable to get user's secretstore" );
|
||||
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
|
||||
byte[] tempArr = new byte[passcodeLen];
|
||||
Array.Copy(inBuf, 14, tempArr, 0, passcodeLen);
|
||||
passcode = Encoding.UTF8.GetString(tempArr);
|
||||
// Message Format decipher - End
|
||||
|
||||
try
|
||||
{
|
||||
SecretStore ssStore = null;
|
||||
ssStore = SessionManager.GetUserSecretStore(userId);
|
||||
ssStore.PauseFileWatcher();
|
||||
if (ssStore.SetMasterPasscode(passcode))
|
||||
retCode = IPCRetCodes.SSCS_REPLY_SUCCESS;
|
||||
else
|
||||
retCode = IPCRetCodes.SSCS_E_SETTING_PASSCODE_FAILED;
|
||||
ssStore.ResumeFileWatcher();
|
||||
}
|
||||
catch (UserNotInSessionException)
|
||||
{
|
||||
CSSSLogger.DbgLog("In " + CSSSLogger.GetExecutionPath(this) + " Unable to get user's secretstore");
|
||||
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
CSSSLogger.ExpLog(e.ToString());
|
||||
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
|
||||
}
|
||||
}
|
||||
catch(Exception e)
|
||||
else
|
||||
{
|
||||
CSSSLogger.ExpLog(e.ToString());
|
||||
retCode = IPCRetCodes.SSCS_E_SYSTEM_ERROR;
|
||||
retCode = IPCRetCodes.SSCS_E_INVALID_INPUT;
|
||||
}
|
||||
|
||||
try
|
||||
|
Loading…
Reference in New Issue
Block a user