commit f64e709e8160fdd72ec6ad4a456c98852cd75d50
parent 4c9ea459209408dce9a491304cf0e866882ee5b7
Author: sin <sin@2f30.org>
Date: Fri, 8 Apr 2016 15:18:12 +0100
disable core dumps as memory contains the pre-shared key
Diffstat:
1 file changed, 7 insertions(+), 0 deletions(-)
diff --git a/stun.c b/stun.c
@@ -44,6 +44,7 @@
#include <sys/types.h>
#include <sys/uio.h>
#include <sys/ioctl.h>
+#include <sys/resource.h>
#include <sys/socket.h>
#include <net/if.h>
@@ -690,6 +691,7 @@ usage(void)
int
main(int argc, char *argv[])
{
+ struct rlimit rlim;
char *arg, *pw;
int devfd;
@@ -738,6 +740,11 @@ main(int argc, char *argv[])
}
devfd = opendev(argv[0]);
+ /* disable core dumps as memory contains the pre-shared key */
+ rlim.rlim_cur = rlim.rlim_max = 0;
+ if (setrlimit(RLIMIT_CORE, &rlim) < 0)
+ logerr("failed to disable core dumps");
+
if (!(pw = getenv("STUNPW")))
logerr("STUNPW is not set");
aeadinit(pw);
