From 939caf2a4fb27a1652ca60873551c94377203188 Mon Sep 17 00:00:00 2001
From: zhongtao
Date: Wed, 23 Aug 2023 01:44:18 +0000
Subject: [PATCH 02/10] !2116 clean up sensitive information in memory * clean up sensitive information in memory
---
 src/client/connect/rest/rest_images_client.c | 2 ++
 .../entry/connect/grpc/grpc_images_service.cc | 2 ++
 .../entry/connect/rest/rest_images_service.c | 3 +++
 src/daemon/modules/image/oci/registry/auths.c | 2 ++
 .../modules/image/oci/registry/http_request.c | 18 +++++++------
 .../image/oci/registry/registry_apiv2.c | 2 +-
 src/daemon/modules/image/oci/registry_type.c | 2 +-
 src/utils/cutils/utils_array.c | 27 +++++++++++++++++++
 src/utils/cutils/utils_array.h | 4 +++
 src/utils/http/http.c | 2 +-
 10 files changed, 53 insertions(+), 11 deletions(-)
diff --git a/src/client/connect/rest/rest_images_client.c b/src/client/connect/rest/rest_images_client.c
index 726d5ba5..ea7934af 100644
--- a/src/client/connect/rest/rest_images_client.c
+++ b/src/client/connect/rest/rest_images_client.c
@@ -618,6 +618,7 @@ static int image_login_request_to_rest(const struct isula_login_request *request
 out:
 free(err);
+ util_memset_sensitive_string(crequest->password);
 free_image_login_request(crequest);
 return ret;
 }
@@ -654,6 +655,7 @@ out:
 if (output != NULL) {
 buffer_free(output);
 }
+ util_memset_sensitive_string(body);
 put_body(body);
 return ret;
 }
diff --git a/src/daemon/entry/connect/grpc/grpc_images_service.cc b/src/daemon/entry/connect/grpc/grpc_images_service.cc
index b1ca98b8..f078711e 100644
--- a/src/daemon/entry/connect/grpc/grpc_images_service.cc
+++ b/src/daemon/entry/connect/grpc/grpc_images_service.cc
@@ -517,6 +517,8 @@ Status ImagesServiceImpl::Login(ServerContext *context, const LoginRequest *requ
 (void)cb->image.login(image_req, &image_res);
 response_to_grpc(image_res, reply);
+ util_memset_sensitive_string(image_req->password);
+
 free_image_login_request(image_req);
 free_image_login_response(image_res);
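Review bot: The wipe added at `out:` in image_login_request_to_rest (rest_images_client.c) reads `crequest->password` unconditionally, so any path that reaches `out:` while `crequest` is still NULL would dereference a null pointer. The function body starts outside the hunk, so the allocation path has to be checked; a guard such as `if (crequest != NULL) { util_memset_sensitive_string(crequest->password); }` removes the doubt. The same pattern is added at `out:` in rest_image_login_cb (rest_images_service.c), where a failed request parse could plausibly jump to `out:` with `crequest` unset, and for `image_req` in ImagesServiceImpl::Login.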
diff --git a/src/daemon/entry/connect/rest/rest_images_service.c b/src/daemon/entry/connect/rest/rest_images_service.c
index bd367f29..d7d77826 100644
--- a/src/daemon/entry/connect/rest/rest_images_service.c
+++ b/src/daemon/entry/connect/rest/rest_images_service.c
@@ -19,6 +19,7 @@
 #include "isula_libutils/log.h"
 #include "callback.h"
 #include "image.rest.h"
+#include "utils.h"
 #include "rest_service_common.h"
 /* image load request check */
@@ -569,6 +570,7 @@ static int image_login_request_from_rest(evhtp_request_t *req, image_login_reque
 }
 out:
+ util_memset_sensitive_string(body);
 put_body(body);
 free(err);
 return ret;
@@ -629,6 +631,7 @@ static void rest_image_login_cb(evhtp_request_t *req, void *arg)
 evhtp_send_image_login_repsponse(req, cresponse, RESTFUL_RES_OK);
 out:
+ util_memset_sensitive_string(crequest->password);
 free_image_login_request(crequest);
 free_image_login_response(cresponse);
 }
diff --git a/src/daemon/modules/image/oci/registry/auths.c b/src/daemon/modules/image/oci/registry/auths.c
index ce67d51b..1fbe2bd3 100644
--- a/src/daemon/modules/image/oci/registry/auths.c
+++ b/src/daemon/modules/image/oci/registry/auths.c
@@ -213,6 +213,7 @@ int auths_load(char *host, char **username, char **password)
 }
 out:
+ // it is not nessasary to clean auths, because it has been encrypted and load from file.
 free_registry_auths(auths);
 auths = NULL;
 free(err);
@@ -397,6 +398,7 @@ int auths_save(char *host, char *username, char *password)
 }
 out:
+ // it is not nessasary to clean auth, auths and json, because it has been encrypted and write to file.
 free(json);
 json = NULL;
 free_registry_auths(auths);
diff --git a/src/daemon/modules/image/oci/registry/http_request.c b/src/daemon/modules/image/oci/registry/http_request.c
index f29c2017..10b8bf3c 100644
--- a/src/daemon/modules/image/oci/registry/http_request.c
+++ b/src/daemon/modules/image/oci/registry/http_request.c
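Review bot: The comment added at `out:` in auths_load skips the wipe because `auths` holds only encrypted data, but it does not say what happens to the decrypted copy. auths_load hands a plaintext `*password` back to its caller, so any intermediate buffer holding the decoded credential (outside this hunk) would still need clearing. The comment should name the buffers that were checked. The wording also needs repair, for example `// No need to wipe auths: it holds only the encrypted credentials loaded from the file.` The comment added in auths_save has the same spelling and grammar problems and makes the same claim for `auth`, `auths` and `json`.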
@@ -164,11 +164,11 @@ static char *encode_auth(const char *username, const char *password)
 }
 out:
- free(auth);
+ util_free_sensitive_string(auth);
 auth = NULL;
 if (ret != 0) {
- free(auth_base64);
+ util_free_sensitive_string(auth_base64);
 auth_base64 = NULL;
 }
@@ -236,10 +236,10 @@ static char *basic_auth_header(const char *schema, const char *username, const c
 }
 out:
- free(auth_base64);
+ util_free_sensitive_string(auth_base64);
 auth_base64 = NULL;
 if (ret != 0) {
- free(auth_header);
+ util_free_sensitive_string(auth_header);
 auth_header = NULL;
 }
@@ -273,7 +273,7 @@ static int setup_auth_basic(pull_descriptor *desc, char ***custom_headers)
 }
 out:
- free(auth_header);
+ util_free_sensitive_string(auth_header);
 auth_header = NULL;
 return ret;
@@ -297,7 +297,7 @@ static int get_bearer_token(pull_descriptor *desc, challenge *c)
 return 0;
 }
- free(c->cached_token);
+ util_free_sensitive_string(c->cached_token);
 c->cached_token = NULL;
 c->expires_time = 0;
@@ -317,8 +317,10 @@ static int get_bearer_token(pull_descriptor *desc, challenge *c)
 if (token->token != NULL) {
 c->cached_token = util_strdup_s(token->token);
+ util_memset_sensitive_string(token->token);
 } else if (token->access_token != NULL) {
 c->cached_token = util_strdup_s(token->access_token);
+ util_memset_sensitive_string(token->access_token);
 } else {
 ret = -1;
 ERROR("no valid token found");
@@ -399,7 +401,7 @@ static int setup_auth_challenges(pull_descriptor *desc, char ***custom_headers)
 goto out;
 }
 count++;
- free(auth_header);
+ util_free_sensitive_string(auth_header);
 auth_header = NULL;
 }
@@ -408,7 +410,7 @@ static int setup_auth_challenges(pull_descriptor *desc, char ***custom_headers)
 }
 out:
- free(auth_header);
+ util_free_sensitive_string(auth_header);
 auth_header = NULL;
 return ret;
diff --git a/src/daemon/modules/image/oci/registry/registry_apiv2.c b/src/daemon/modules/image/oci/registry/registry_apiv2.c
index d5bfa723..885302cb 100644
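Review bot: In the `@@ -317` hunk of get_bearer_token only the field that was copied into `c->cached_token` is wiped, so when a response carries both `token` and `access_token` the `else if` leaves `access_token` uncleared. Wiping both after the chain covers that case: `util_memset_sensitive_string(token->token); util_memset_sensitive_string(token->access_token);`, each behind a NULL check if the helper does not accept NULL, which is not visible here. The raw response buffer the token was parsed from is outside the hunk and presumably still holds the same value, so it deserves the same treatment before it is released. The function starts and ends outside the hunk.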
--- a/src/daemon/modules/image/oci/registry/registry_apiv2.c
+++ b/src/daemon/modules/image/oci/registry/registry_apiv2.c
@@ -193,7 +193,7 @@ static int parse_auth(pull_descriptor *desc, char *auth)
 }
 out:
- free(origin_tmp_auth);
+ util_free_sensitive_string(origin_tmp_auth);
 origin_tmp_auth = NULL;
 return ret;
diff --git a/src/daemon/modules/image/oci/registry_type.c b/src/daemon/modules/image/oci/registry_type.c
index 51fc1697..4556617f 100644
--- a/src/daemon/modules/image/oci/registry_type.c
+++ b/src/daemon/modules/image/oci/registry_type.c
@@ -32,7 +32,7 @@ void free_challenge(challenge *c)
 c->realm = NULL;
 free(c->service);
 c->service = NULL;
- free(c->cached_token);
+ util_free_sensitive_string(c->cached_token);
 c->cached_token = NULL;
 c->expires_time = 0;
diff --git a/src/utils/cutils/utils_array.c b/src/utils/cutils/utils_array.c
index 4e2ed6fd..2d7dc556 100644
--- a/src/utils/cutils/utils_array.c
+++ b/src/utils/cutils/utils_array.c
@@ -38,6 +38,22 @@ void util_free_array_by_len(char **array, size_t len)
 free(array);
 }
+void util_free_sensitive_array_by_len(char **array, size_t len)
+{
+ size_t i = 0;
+
+ if (array == NULL) {
+ return;
+ }
+
+ for (; i < len; i++) {
+ util_free_sensitive_string(array[i]);
+ array[i] = NULL;
+ }
+
+ free(array);
+}
+
 size_t util_array_len(const char **array)
 {
 const char **pos;
@@ -60,6 +76,17 @@ void util_free_array(char **array)
 free(array);
 }
+void util_free_sensitive_array(char **array)
+{
+ char **p;
+
+ for (p = array; p != NULL && *p != NULL; p++) {
+ util_free_sensitive_string(*p);
+ *p = NULL;
+ }
+ free(array);
+}
+
 int util_array_append(char ***array, const char *element)
 {
 size_t len;
diff --git a/src/utils/cutils/utils_array.h b/src/utils/cutils/utils_array.h
index de465d2a..c1403f85 100644
--- a/src/utils/cutils/utils_array.h
+++ b/src/utils/cutils/utils_array.h
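Review bot: Both new helpers in utils_array.c delegate the actual wipe to util_free_sensitive_string, which is defined outside this patch, so the value of the whole change rests on how that helper clears memory. If it uses a plain `memset` immediately before `free`, the compiler is allowed to drop the store as dead; confirm it uses `explicit_bzero`, `memset_s` or a volatile write. The helpers also lack a contract comment; `/* Wipes each element with util_free_sensitive_string, then frees the array itself; array may be NULL. */` above each would do. For util_free_sensitive_array_by_len the comment should add that `len` must not exceed the number of allocated slots, since the loop reads `array[i]` for every `i < len`.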
@@ -36,6 +36,10 @@ int util_grow_array(char ***orig_array, size_t *orig_capacity, size_t size,
 int util_array_append(char ***array, const char *element);
+void util_free_sensitive_array(char **array);
+
+void util_free_sensitive_array_by_len(char **array, size_t len);
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/src/utils/http/http.c b/src/utils/http/http.c
index 6759a28d..2b77c422 100644
--- a/src/utils/http/http.c
+++ b/src/utils/http/http.c
@@ -65,7 +65,7 @@ void free_http_get_options(struct http_get_options *options)
 free(options->unix_socket_path);
 options->unix_socket_path = NULL;
- util_free_array(options->custom_headers);
+ util_free_sensitive_array(options->custom_headers);
 options->custom_headers = NULL;
 free(options->ca_file);
--
2.25.1