From: Damien Miller <djm@mindrot.org>
Date: Tue, 16 Aug 2016 03:28:23 +0000 (+1000)
Subject: fix false positives when compiled with msan
X-Git-Tag: V_7_4_P1~157
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=74433a19bb6f4cef607680fa4d1d7d81ca3826aa;p=thirdparty%2Fopenssh-portable.git

fix false positives when compiled with msan

Our explicit_bzero successfully confused clang -fsanitize-memory
in to thinking that memset is never called to initialise memory.
Ensure that it is called in a way that the compiler recognises.
---

diff --git a/openbsd-compat/explicit_bzero.c b/openbsd-compat/explicit_bzero.c
index 3c85a4843..5078134d1 100644
--- a/openbsd-compat/explicit_bzero.c
+++ b/openbsd-compat/explicit_bzero.c
@@ -7,6 +7,8 @@
 
 #include "includes.h"
 
+#include <string.h>
+
 /*
  * explicit_bzero - don't let the compiler optimize away bzero
  */
@@ -32,6 +34,17 @@ static void (* volatile ssh_bzero)(void *, size_t) = bzero;
 void
 explicit_bzero(void *p, size_t n)
 {
+	/*
+	 * clang -fsanitize=memory needs to intercept memset-like functions
+	 * to correctly detect memory initialisation. Make sure one is called
+	 * directly since our indirection trick above sucessfully confuses it.
+	 */
+#if defined(__has_feature)
+# if __has_feature(memory_sanitizer)
+	memset(p, 0, n);
+# endif
+#endif
+
 	ssh_bzero(p, n);
 }