shred: use explicit_bzero

* NEWS: Document this.
* bootstrap.conf (gnulib_modules): Add explicit_bzero.
* gl/lib/randint.c (randint_free):
* gl/lib/randread.c (randread_free):
* src/blake2/blake2-impl.h (secure_zero_memory):
* src/shred.c (dopass, do_wipefd):
Prefer explicit_bzero to memset when erasing secrets.

diff --git a/NEWS b/NEWS
index 110229bd8e020e30ff7f290422efaa3883401ee4..dfd2837a070e732401ba266819b5e01f32344a28 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -25,6 +25,10 @@ GNU coreutils NEWS                                    -*- outline -*-
   Now, it prints a diagnostic or a line to stdout for each argument.
   [bug introduced in the bourne-shell-to-C rewrite for coreutils-6.11]
 
+  shred now erases buffers containing secrets via the explicit_bzero
+  function, which should be more reliable.
+  [potential bug has always been present in 'shred']
+
   split no longer exits when invocations of a --filter return EPIPE.
   [bug introduced in coreutils-8.26]
 

diff --git a/bootstrap.conf b/bootstrap.conf
index 4db77a3d781d8a6c6440e5ccf550d2a76c6604e7..9064a94bbfdb60582d2872e386fc1bc5d02346d7 100644 (file)
--- a/bootstrap.conf
+++ b/bootstrap.conf
@@ -69,6 +69,7 @@ gnulib_modules="
   euidaccess
   exclude
   exitfail
+  explicit_bzero
   faccessat
   fadvise
   fchdir

diff --git a/gl/lib/randint.c b/gl/lib/randint.c
index 4561067e848ece935c560c867c79a3ef34421094..b15982f463a7dd9768caed9ee5c5c5a86487ed30 100644 (file)
--- a/gl/lib/randint.c
+++ b/gl/lib/randint.c
@@ -198,7 +198,7 @@ randint_genmax (struct randint_source *s, randint genmax)
 void
 randint_free (struct randint_source *s)
 {
-  memset (s, 0, sizeof *s);
+  explicit_bzero (s, sizeof *s);
   free (s);
 }
 

diff --git a/gl/lib/randread.c b/gl/lib/randread.c
index 9c70a18752d9ffec4f5c6b6970de58bbce389c71..834f8446ab13e270076b7f198282f37599c549a7 100644 (file)
--- a/gl/lib/randread.c
+++ b/gl/lib/randread.c
@@ -341,7 +341,7 @@ int
 randread_free (struct randread_source *s)
 {
   FILE *source = s->source;
-  memset (s, 0, sizeof *s);
+  explicit_bzero (s, sizeof *s);
   free (s);
   return (source ? fclose (source) : 0);
 }

diff --git a/src/blake2/blake2-impl.h b/src/blake2/blake2-impl.h
index 5dff7fc7a3d836360b5fed69993a8b44ff100f6f..241e5abf5c1871bb25a890d0ec1b32cec7c52958 100644 (file)
--- a/src/blake2/blake2-impl.h
+++ b/src/blake2/blake2-impl.h
@@ -153,8 +153,7 @@ static BLAKE2_INLINE uint64_t rotr64( const uint64_t w, const unsigned c )
 /* prevents compiler optimizing out memset() */
 static BLAKE2_INLINE void secure_zero_memory(void *v, size_t n)
 {
-  static void *(*const volatile memset_v)(void *, int, size_t) = &memset;
-  memset_v(v, 0, n);
+  explicit_bzero (v, n);
 }
 
 #endif

diff --git a/src/shred.c b/src/shred.c
index 7926e7aa42a85363a3b336778bbaf15c9cefdb11..c95546cb7adec8e5f3971aee9507e766ef3e9a22 100644 (file)
--- a/src/shred.c
+++ b/src/shred.c
@@ -653,7 +653,7 @@ dopass (int fd, struct stat const *st, char const *qname, off_t *sizep,
     }
 
 free_pattern_mem:
-  memset (pbuf, 0, FILLPATTERN_SIZE);
+  explicit_bzero (pbuf, FILLPATTERN_SIZE);
   free (fill_pattern_mem);
 
   return other_error ? -1 : write_error;
@@ -987,7 +987,7 @@ do_wipefd (int fd, char const *qname, struct randint_source *s,
     }
 
 wipefd_out:
-  memset (passarray, 0, flags->n_iterations * sizeof (int));
+  explicit_bzero (passarray, flags->n_iterations * sizeof (int));
   free (passarray);
   return ok;
 }