patch 9.1.1722: compiler may optimize away clearing of crypt key

Problem:  Compiler may optimize away clearing of crypt key
Solution: Use sodium_memzero() if available, else use memset() using a
          volatile function pointer (ashamedbit).

closes: #18173

Signed-off-by: ashamedbit <muralianiruddhan@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>

diff --git a/src/crypt.c b/src/crypt.c
index 55edd6c6de370c4352a7ccf66ea8db2fad8fd8d4..3063afdff1dbf3def09a0792a152c8bf24f98779 100644 (file)
--- a/src/crypt.c
+++ b/src/crypt.c
@@ -780,12 +780,17 @@ crypt_decode_inplace(
     void
 crypt_free_key(char_u *key)
 {
-    char_u *p;
-
+    // Create a safe memset which cannot be optimized away by compiler
+    static void *(* volatile vim_memset_safe)(void *s, int c, size_t n) =
+       memset;
     if (key != NULL)
     {
-       for (p = key; *p != NUL; ++p)
-           *p = 0;
+#ifdef FEAT_SODIUM
+       if (sodium_init() >= 0)
+           sodium_memzero(key, STRLEN(key));
+       else
+#endif
+           vim_memset_safe(key, 0, STRLEN(key));
        vim_free(key);
     }
 }

diff --git a/src/version.c b/src/version.c
index 2ce3628bf1c6eb8801f8b4ff0225dc9cf6d48608..042b995aac4a567759aa8d7c9eff79526364c328 100644 (file)
--- a/src/version.c
+++ b/src/version.c
@@ -724,6 +724,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    1722,
 /**/
     1721,
 /**/