Support reliable zeroing of sensitive buffers (#758)
authorDavid CARLIER <devnexen@gmail.com>
Thu, 3 Feb 2022 16:14:29 +0000 (16:14 +0000)
committerSquid Anubis <squid-anubis@squid-cache.org>
Thu, 3 Feb 2022 19:09:30 +0000 (19:09 +0000)
TODO: Use the new API for more sensitive buffers, possibly adding a
wrapper class for sensitive content to automate cleanup.

src/auth/digest/eDirectory/edir_ldapext.cc
src/mem/Makefile.am
src/mem/Sensitive.h [new file with mode: 0644]

index 439c9c020637ac8d624c8a8e718b3a2b22b68739..ed0e3cb3a747b7eeb60388fa20ddc5f8f39fd530 100644 (file)
@@ -32,6 +32,7 @@
 
 #include "squid.h"
 #include "auth/digest/eDirectory/digest_common.h"
+#include "mem/Sensitive.h"
 
 #if _SQUID_WINDOWS_ && !_SQUID_CYGWIN_
 
@@ -399,7 +400,7 @@ static int nmasldap_get_simple_pwd(
     }
 
     if (pwdBuf != NULL) {
-        memset(pwdBuf, 0, bufferLen);
+        Mem::ZeroSensitiveMemory(pwdBuf, bufferLen);
         free(pwdBuf);
     }
 
@@ -482,7 +483,7 @@ static int nmasldap_get_password(
     }
 
     if (pwdBuf != NULL) {
-        memset(pwdBuf, 0, bufferLen);
+        Mem::ZeroSensitiveMemory(pwdBuf, bufferLen);
         free(pwdBuf);
     }
 
index 3c07cad40826aab99723c43a94aac018950ca3c3..19cdeebc02de77c15756f6f59a76e443d9d5d6da 100644 (file)
@@ -21,5 +21,6 @@ libmem_la_SOURCES = \
        PoolMalloc.cc \
        PoolMalloc.h \
        PoolingAllocator.h \
+       Sensitive.h \
        forward.h \
        old_api.cc
diff --git a/src/mem/Sensitive.h b/src/mem/Sensitive.h
new file mode 100644 (file)
index 0000000..190b02e
--- /dev/null
@@ -0,0 +1,33 @@
+/*
+ * Copyright (C) 1996-2021 The Squid Software Foundation and contributors
+ *
+ * Squid software is distributed under GPLv2+ license and includes
+ * contributions from numerous individuals and organizations.
+ * Please see the COPYING and CONTRIBUTORS files for details.
+ */
+
+#ifndef SQUID_SRC_MEM_SENSITIVE_H
+#define SQUID_SRC_MEM_SENSITIVE_H
+
+#include <cstring>
+
+namespace Mem {
+
+/// zeros the given memory area while disallowing the compiler to skip (i.e.
+/// optimize away) this cleanup, unlike a regular call to std::memset() or alike
+inline void
+ZeroSensitiveMemory(void *dst, const size_t len)
+{
+    if (!len)
+        return;
+
+    assert(dst);
+
+    volatile const auto setMemory = &std::memset;
+    (void)setMemory(dst, 0, len);
+}
+
+} // namespace mem
+
+#endif /* SQUID_SRC_MEM_SENSITIVE_H */
+
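Review bot: Sensitive.h calls `assert(dst)` on the line after the length check but only includes `<cstring>`, so the header does not compile on its own unless the includer already pulled in a definition of `assert`; if the intent is to rely on Squid's convention that `squid.h` is included first, say so in a comment, otherwise add the include that provides `assert` next to `#include <cstring>`. The closing comment `} // namespace mem` does not match the opening `namespace Mem`; change it to `} // namespace Mem`. The `volatile const auto setMemory = &std::memset;` idiom is a reasonable portable way to keep the clearing call from being optimized away, but it rests on the compiler not seeing through a volatile function pointer rather than on a guarantee, so the doc comment should state that choice, e.g. `/// uses a volatile function pointer so the call cannot be proven dead; platforms offering explicit_bzero() or memset_s() provide a stronger guarantee`.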