aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Frameworks/SPMySQLFramework/SPMySQLFramework.xcodeproj/project.pbxproj5
-rw-r--r--Frameworks/SPMySQLFramework/Source/SPMySQLConnection.m31
-rw-r--r--Frameworks/SPMySQLFramework/Source/SPMySQLUtilities.h12
-rw-r--r--Frameworks/SPMySQLFramework/Source/SPMySQLUtilities.m66
4 files changed, 84 insertions, 30 deletions
diff --git a/Frameworks/SPMySQLFramework/SPMySQLFramework.xcodeproj/project.pbxproj b/Frameworks/SPMySQLFramework/SPMySQLFramework.xcodeproj/project.pbxproj
index aa7989fc..476adffe 100644
--- a/Frameworks/SPMySQLFramework/SPMySQLFramework.xcodeproj/project.pbxproj
+++ b/Frameworks/SPMySQLFramework/SPMySQLFramework.xcodeproj/project.pbxproj
@@ -13,6 +13,7 @@
507FF1E51BC0D82300104523 /* DataConversion_Tests.m in Sources */ = {isa = PBXBuildFile; fileRef = 507FF1811BC0C64100104523 /* DataConversion_Tests.m */; };
507FF23B1BC0E8CA00104523 /* SPMySQL.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 8DC2EF5B0486A6940098B216 /* SPMySQL.framework */; };
507FF23D1BC157B500104523 /* SPMySQLStringAdditions_Tests.m in Sources */ = {isa = PBXBuildFile; fileRef = 507FF23C1BC157B500104523 /* SPMySQLStringAdditions_Tests.m */; };
+ 508FDC95204329580062A9CA /* SPMySQLUtilities.m in Sources */ = {isa = PBXBuildFile; fileRef = 508FDC94204329580062A9CA /* SPMySQLUtilities.m */; };
580A331E14D75CF7000D6933 /* SPMySQLGeometryData.h in Headers */ = {isa = PBXBuildFile; fileRef = 580A331C14D75CF7000D6933 /* SPMySQLGeometryData.h */; settings = {ATTRIBUTES = (Public, ); }; };
580A331F14D75CF7000D6933 /* SPMySQLGeometryData.m in Sources */ = {isa = PBXBuildFile; fileRef = 580A331D14D75CF7000D6933 /* SPMySQLGeometryData.m */; };
583C734A17A489CC0056B284 /* SPMySQLStreamingResultStoreDelegate.h in Headers */ = {isa = PBXBuildFile; fileRef = 583C734917A489CC0056B284 /* SPMySQLStreamingResultStoreDelegate.h */; settings = {ATTRIBUTES = (Public, ); }; };
@@ -103,6 +104,7 @@
507FF1D51BC0D7D300104523 /* SPMySQL Unit Tests.xctest */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = "SPMySQL Unit Tests.xctest"; sourceTree = BUILT_PRODUCTS_DIR; };
507FF1D81BC0D7D300104523 /* Info.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
507FF23C1BC157B500104523 /* SPMySQLStringAdditions_Tests.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SPMySQLStringAdditions_Tests.m; sourceTree = "<group>"; };
+ 508FDC94204329580062A9CA /* SPMySQLUtilities.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = SPMySQLUtilities.m; path = Source/SPMySQLUtilities.m; sourceTree = "<group>"; };
580A331C14D75CF7000D6933 /* SPMySQLGeometryData.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = SPMySQLGeometryData.h; path = Source/SPMySQLGeometryData.h; sourceTree = "<group>"; };
580A331D14D75CF7000D6933 /* SPMySQLGeometryData.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = SPMySQLGeometryData.m; path = Source/SPMySQLGeometryData.m; sourceTree = "<group>"; };
583C734917A489CC0056B284 /* SPMySQLStreamingResultStoreDelegate.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = SPMySQLStreamingResultStoreDelegate.h; path = Source/SPMySQLStreamingResultStoreDelegate.h; sourceTree = "<group>"; };
@@ -273,6 +275,7 @@
32C88DFF0371C24200C91783 /* Other Sources */ = {
isa = PBXGroup;
children = (
+ 508FDC94204329580062A9CA /* SPMySQLUtilities.m */,
584294E314CB8002000F8438 /* SPMySQLConstants.h */,
58C006C714E0B18A00AC489A /* SPMySQLUtilities.h */,
32DBCF5E0370ADEE00C91783 /* SPMySQLFramework_Prefix.pch */,
@@ -555,6 +558,7 @@
isa = PBXSourcesBuildPhase;
buildActionMask = 2147483647;
files = (
+ 508FDC96204329580062A9CA /* SPMySQLUtilities.m in Sources */,
507FF23D1BC157B500104523 /* SPMySQLStringAdditions_Tests.m in Sources */,
507FF1E51BC0D82300104523 /* DataConversion_Tests.m in Sources */,
);
@@ -582,6 +586,7 @@
58C00BD214E7459600AC489A /* Databases & Tables.m in Sources */,
586A99FC14F02E21007F82BF /* SPMySQLStreamingResult.m in Sources */,
586AA16814F30C5F007F82BF /* Convenience Methods.m in Sources */,
+ 508FDC95204329580062A9CA /* SPMySQLUtilities.m in Sources */,
584D812F15057ECD00F24774 /* SPMySQLKeepAliveTimer.m in Sources */,
584D82561509775000F24774 /* Copying.m in Sources */,
58D2A4D216EDF1C6002EB401 /* SPMySQLEmptyResult.m in Sources */,
diff --git a/Frameworks/SPMySQLFramework/Source/SPMySQLConnection.m b/Frameworks/SPMySQLFramework/Source/SPMySQLConnection.m
index b143db19..d4146f58 100644
--- a/Frameworks/SPMySQLFramework/Source/SPMySQLConnection.m
+++ b/Frameworks/SPMySQLFramework/Source/SPMySQLConnection.m
@@ -34,10 +34,7 @@
#include <pthread.h>
#include <SystemConfiguration/SCNetworkReachability.h>
#include <errno.h>
-#define __STDC_WANT_LIB_EXT1__ 1
#include <string.h>
-#include <stdlib.h>
-#include <dlfcn.h>
#import "SPMySQLUtilities.h"
// Thread flag constant
@@ -56,7 +53,6 @@ const SPMySQLClientFlags SPMySQLConnectionOptions =
const char *SPMySQLSSLPermissibleCiphers = "DHE-RSA-AES256-SHA:AES256-SHA:DHE-RSA-AES128-SHA:AES128-SHA:AES256-RMD:AES128-RMD:DES-CBC3-RMD:DHE-RSA-AES256-RMD:DHE-RSA-AES128-RMD:DHE-RSA-DES-CBC3-RMD:RC4-SHA:RC4-MD5:DES-CBC3-SHA:DES-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC-SHA";
static void PasswordCallback(MYSQL *mysql, const char *plugin, void (^with_password)(const char *passwd));
-static errno_t LegacyMemsetS(void *ptr, rsize_t ignored, int value, rsize_t count);
@implementation SPMySQLConnection
@@ -792,16 +788,8 @@ asm(".desc ___crashreporter_info__, 0x10");
else {
NSLog(@"%s: -getCString:maxLength:encoding: failed for password!", __PRETTY_FUNCTION__);
}
-
- // memset_s is 10.9+ only - if we added a link time dependency, SP wouldn't launch on older targets
- static errno_t (*memsetPtr)(void *, rsize_t, int, rsize_t);
- static dispatch_once_t findMemsetToken;
- dispatch_once(&findMemsetToken, ^{
- memsetPtr = dlsym(RTLD_DEFAULT, "memset_s");
- if(!memsetPtr) memsetPtr = LegacyMemsetS;
- });
-
- memsetPtr(cBuffer, cLength, '\0', cLength); //clear password from memory
+
+ SPMySQLSafeEraseMemory(cBuffer, cLength); //clear password from memory
free(cBuffer);
}
@@ -1240,18 +1228,3 @@ void PasswordCallback(MYSQL *mysql, const char *plugin, void (^with_password)(co
assert(mysql && mysql->sp_context);
[(SPMySQLConnection *)mysql->sp_context _mysqlConnection:mysql wantsPassword:with_password withPlugin:plugin];
}
-
-/**
- * This function tries to emulate the important (to us) parts
- * of memset_s on pre 10.9 systems.
- *
- * The implementation is taken from the original memset_s proposal:
- * http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1381.pdf
- */
-errno_t LegacyMemsetS(void *s, rsize_t smax __attribute__((unused)), int c, rsize_t n)
-{
- volatile unsigned char * addr = (volatile unsigned char *)s;
- while(n--) *addr++ = (unsigned char)c;
-
- return 0;
-}
diff --git a/Frameworks/SPMySQLFramework/Source/SPMySQLUtilities.h b/Frameworks/SPMySQLFramework/Source/SPMySQLUtilities.h
index 50f9d504..852ca685 100644
--- a/Frameworks/SPMySQLFramework/Source/SPMySQLUtilities.h
+++ b/Frameworks/SPMySQLFramework/Source/SPMySQLUtilities.h
@@ -1,5 +1,5 @@
//
-// Locking.h
+// SPMySQLUtilities.h
// SPMySQLFramework
//
// Created by Rowan Beentje (rowan.beent.je) on February 6, 2012
@@ -30,6 +30,16 @@
#include <mach/mach_time.h>
+/**
+ * This function provides a memset() variant that cannot be optimized
+ * away by a compiler's dead store optimization.
+ *
+ * It will write cLength '\0' bytes to the buffer pointed to by cBuffer.
+ *
+ * @return See the documentation for memset_s in libc
+ */
+errno_t SPMySQLSafeEraseMemory(void *cBuffer, size_t cLength);
+
#pragma clang diagnostic push
#pragma clang diagnostic ignored "-Wunused-function"
diff --git a/Frameworks/SPMySQLFramework/Source/SPMySQLUtilities.m b/Frameworks/SPMySQLFramework/Source/SPMySQLUtilities.m
new file mode 100644
index 00000000..3d147143
--- /dev/null
+++ b/Frameworks/SPMySQLFramework/Source/SPMySQLUtilities.m
@@ -0,0 +1,66 @@
+//
+// SPMySQLUtilities.c
+// SPMySQLFramework
+//
+// Created by Max Lohrmann on 25.02.2018
+// Copyright (c) 2018 Max Lohrmann. All rights reserved.
+//
+// Permission is hereby granted, free of charge, to any person
+// obtaining a copy of this software and associated documentation
+// files (the "Software"), to deal in the Software without
+// restriction, including without limitation the rights to use,
+// copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the
+// Software is furnished to do so, subject to the following
+// conditions:
+//
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
+// OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+// HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+// WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+// FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+// OTHER DEALINGS IN THE SOFTWARE.
+//
+// More info at <https://github.com/sequelpro/sequelpro>
+
+#include <errno.h>
+#define __STDC_WANT_LIB_EXT1__ 1
+#include <string.h>
+#include <dlfcn.h>
+#include <dispatch/dispatch.h>
+
+#include "SPMySQLUtilities.h"
+
+static errno_t LegacyMemsetS(void *ptr, rsize_t ignored, int value, rsize_t count);
+
+errno_t SPMySQLSafeEraseMemory(void *cBuffer, size_t cLength) {
+ // memset_s is 10.9+ only - if we added a link time dependency, SP wouldn't launch on older targets
+ static errno_t (*memsetPtr)(void *, rsize_t, int, rsize_t);
+ static dispatch_once_t findMemsetToken;
+ dispatch_once(&findMemsetToken, ^{
+ memsetPtr = dlsym(RTLD_DEFAULT, "memset_s");
+ if(!memsetPtr) memsetPtr = &LegacyMemsetS;
+ });
+
+ return (*memsetPtr)(cBuffer, cLength, '\0', cLength);
+}
+
+/**
+ * This function tries to emulate the important (to us) parts
+ * of memset_s on pre 10.9 systems.
+ *
+ * The implementation is taken from the original memset_s proposal:
+ * http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1381.pdf
+ */
+errno_t LegacyMemsetS(void *s, rsize_t smax __attribute__((unused)), int c, rsize_t n)
+{
+ volatile unsigned char * addr = (volatile unsigned char *)s;
+ while(n--) *addr++ = (unsigned char)c;
+
+ return 0;
+}