[gnutls-help] gnutls_memset: use explicit_bzero
Maciej S. Szmigiero
mail at maciej.szmigiero.name
Thu Mar 28 23:08:07 CET 2019
On 27.03.2019 08:24, Nikos Mavrogiannopoulos wrote:
> On Mon, 2019-03-11 at 00:02 +0100, Maciej S. Szmigiero wrote:
>>> That is, use the glibc function when available and the second
>>> parameter is zero.
>>>
>>> Resolves #230
>>>
>>> Signed-off-by: Nikos Mavrogiannopoulos <nmav at redhat.com>
>>> ---(..)
>>> --- a/lib/safe-memfuncs.c
>>> +++ b/lib/safe-memfuncs.c
>>> @@ -33,14 +30,18 @@
>>> * This function will operate similarly to memset(), but will
>>> * not be optimized out by the compiler.
>>> *
>>> - * Returns: void.
>>> - *
>>> * Since: 3.4.0
>>> **/
>>> void gnutls_memset(void *data, int c, size_t size)
>>> {
>>> - volatile unsigned volatile_zero = 0;
>>> + volatile unsigned volatile_zero;
>>> volatile char *vdata = (volatile char*)data;
>>> +#ifdef HAVE_EXPLICIT_BZERO
>>> + if (c == 0) {
>>> + explicit_bzero(data, size);
>>
>> Shouldn't the function return here?
>>
>> Because otherwise it is doing the zeroing twice:
>> first time via explicit_bzero(),
>> second time via a volatile trick below.
>
> You are right. Would you like to send a merge request fixing that?
While I don't have a gitlab account to open a merge request there
I have attached a patch made by git-format-patch.
Hope this way will work, too.
> regards,
> Nikos
Thanks,
Maciej
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-gnutls_memset-calling-explicit_bzero-is-enough-to-ze.patch
Type: text/x-patch
Size: 868 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnutls-help/attachments/20190328/b6f02194/attachment.bin>
More information about the Gnutls-help
mailing list