fix false positives when compiled with msan

Our explicit_bzero successfully confused clang -fsanitize-memory
in to thinking that memset is never called to initialise memory.
Ensure that it is called in a way that the compiler recognises.

diff --git a/openbsd-compat/explicit_bzero.c b/openbsd-compat/explicit_bzero.c
index 3c85a4843a4752e218fc210c645619bbade4300d..5078134d137a8d4f6de4f22dc4e52c24cc9a7c2d 100644 (file)
--- a/openbsd-compat/explicit_bzero.c
+++ b/openbsd-compat/explicit_bzero.c
@@ -7,6 +7,8 @@
 
 #include "includes.h"
 
+#include <string.h>
+
 /*
  * explicit_bzero - don't let the compiler optimize away bzero
  */
@@ -32,6 +34,17 @@ static void (* volatile ssh_bzero)(void *, size_t) = bzero;
 void
 explicit_bzero(void *p, size_t n)
 {
+       /*
+        * clang -fsanitize=memory needs to intercept memset-like functions
+        * to correctly detect memory initialisation. Make sure one is called
+        * directly since our indirection trick above sucessfully confuses it.
+        */
+#if defined(__has_feature)
+# if __has_feature(memory_sanitizer)
+       memset(p, 0, n);
+# endif
+#endif
+
        ssh_bzero(p, n);
 }