FreeRDP
Loading...
Searching...
No Matches
TestCredentialZeroing.c
1
2#include <string.h>
3
4#include <winpr/crt.h>
5#include <winpr/assert.h>
6#include <winpr/sspi.h>
7#include <winpr/string.h>
8
14/* Test that sspi_FreeAuthIdentity zeroes and NULLs all fields */
15static BOOL test_FreeAuthIdentity_zeroes_fields(void)
16{
17 const char* testPassword = "S3cretP@ssw0rd!";
18 const char* testUser = "testuser";
19 const char* testDomain = "TESTDOMAIN";
20
21 SEC_WINNT_AUTH_IDENTITY identity = WINPR_C_ARRAY_INIT;
22 identity.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
23
24 size_t len = 0;
25 identity.User = ConvertUtf8ToWCharAlloc(testUser, &len);
26 identity.UserLength = WINPR_ASSERTING_INT_CAST(UINT32, len);
27 if (!identity.User)
28 return FALSE;
29
30 identity.Domain = ConvertUtf8ToWCharAlloc(testDomain, &len);
31 identity.DomainLength = WINPR_ASSERTING_INT_CAST(UINT32, len);
32 if (!identity.Domain)
33 {
34 free(identity.User);
35 return FALSE;
36 }
37
38 identity.Password = ConvertUtf8ToWCharAlloc(testPassword, &len);
39 identity.PasswordLength = WINPR_ASSERTING_INT_CAST(UINT32, len);
40 if (!identity.Password)
41 {
42 free(identity.User);
43 free(identity.Domain);
44 return FALSE;
45 }
46
47 sspi_FreeAuthIdentity(&identity);
48
49 if (identity.User != nullptr)
50 {
51 printf("FAIL: identity.User not nullptr after FreeAuthIdentity\n");
52 return FALSE;
53 }
54 if (identity.Domain != nullptr)
55 {
56 printf("FAIL: identity.Domain not nullptr after FreeAuthIdentity\n");
57 return FALSE;
58 }
59 if (identity.Password != nullptr)
60 {
61 printf("FAIL: identity.Password not nullptr after FreeAuthIdentity\n");
62 return FALSE;
63 }
64 if (identity.UserLength != 0 || identity.DomainLength != 0 || identity.PasswordLength != 0)
65 {
66 printf("FAIL: identity lengths not zeroed after FreeAuthIdentity\n");
67 return FALSE;
68 }
69
70 return TRUE;
71}
72
73/* Test that sspi_SecBufferFree zeroes and NULLs the buffer */
74static BOOL test_SecBufferFree_zeroes_buffer(void)
75{
76 const char* testData = "sensitive-credential-data";
77 SecBuffer buffer = WINPR_C_ARRAY_INIT;
78
79 buffer.cbBuffer = (ULONG)strlen(testData);
80 buffer.pvBuffer = strdup(testData);
81 if (!buffer.pvBuffer)
82 return FALSE;
83
84 sspi_SecBufferFree(&buffer);
85
86 if (buffer.pvBuffer != nullptr)
87 {
88 printf("FAIL: pvBuffer not nullptr after SecBufferFree\n");
89 return FALSE;
90 }
91 if (buffer.cbBuffer != 0)
92 {
93 printf("FAIL: cbBuffer not zero after SecBufferFree\n");
94 return FALSE;
95 }
96
97 return TRUE;
98}
99
100/* Test nullptr and empty input handling */
101static BOOL test_null_handling(void)
102{
103 /* nullptr should not crash */
104 sspi_FreeAuthIdentity(nullptr);
105 sspi_SecBufferFree(nullptr);
106
107 /* Empty identity should not crash */
108 SEC_WINNT_AUTH_IDENTITY empty = WINPR_C_ARRAY_INIT;
109 sspi_FreeAuthIdentity(&empty);
110
111 /* Empty buffer should not crash */
112 SecBuffer emptyBuf = WINPR_C_ARRAY_INIT;
113 sspi_SecBufferFree(&emptyBuf);
114
115 return TRUE;
116}
117
118int TestCredentialZeroing(int argc, char* argv[])
119{
120 int rc = 0;
121
122 WINPR_UNUSED(argc);
123 WINPR_UNUSED(argv);
124
125 if (!test_FreeAuthIdentity_zeroes_fields())
126 {
127 printf("FAIL: test_FreeAuthIdentity_zeroes_fields\n");
128 rc = -1;
129 }
130
131 if (!test_SecBufferFree_zeroes_buffer())
132 {
133 printf("FAIL: test_SecBufferFree_zeroes_buffer\n");
134 rc = -1;
135 }
136
137 if (!test_null_handling())
138 {
139 printf("FAIL: test_null_handling\n");
140 rc = -1;
141 }
142
143 return rc;
144}