From: Alan T. DeKok Date: Mon, 31 Jul 2023 15:30:24 +0000 (-0400) Subject: move to using memset_explicit() X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7c890e7ef83fa3052b4a81e3bb0a37f6736b84e5;p=thirdparty%2Ffreeradius-server.git move to using memset_explicit() --- diff --git a/src/include/missing-h b/src/include/missing-h index 0dd155ff1bd..d356ecc5599 100644 --- a/src/include/missing-h +++ b/src/include/missing-h @@ -169,6 +169,10 @@ int sendmmsg(int sockfd, struct mmsghdr *msgvec, unsigned int vlen, int flags); void closefrom(int fd); #endif +#ifndef HAVE_MEMSET_EXPLICIT +void *memset_explicit(void *ptr, int ch, size_t len); +#endif + #ifndef HAVE_SETLINEBUF # ifdef HAVE_SETVBUF # define setlinebuf(x) setvbuf(x, NULL, _IOLBF, 0) diff --git a/src/lib/util/misc.c b/src/lib/util/misc.c index 1bb3bfd1205..48db1bd21fd 100644 --- a/src/lib/util/misc.c +++ b/src/lib/util/misc.c @@ -469,25 +469,3 @@ int fr_digest_cmp(uint8_t const *a, uint8_t const *b, size_t length) return result; /* 0 is OK, !0 is !OK, just like memcmp */ } - -void fr_memset_secure(void *ptr, size_t len) -{ - if (!len) return; - -#if defined(HAVE_MEMSET_S) - (void) memset_s(ptr, len, 0, len); - -#elif defined(HAVE_EXPLICIT_BZERO) - explicit_bzero(ptr, len); - -#else - { - volatile unsigned char *volatile p = (volatile unsigned char *volatile) ptr; - size_t i = len; - - while (i--) { - *(p++) = 0; - } - } -#endif -} diff --git a/src/lib/util/misc.h b/src/lib/util/misc.h index 54aa328f364..ccafef1880c 100644 --- a/src/lib/util/misc.h +++ b/src/lib/util/misc.h @@ -171,8 +171,6 @@ int8_t fr_pointer_cmp(void const *a, void const *b); void fr_quick_sort(void const *to_sort[], int min_idx, int max_idx, fr_cmp_t cmp); int fr_digest_cmp(uint8_t const *a, uint8_t const *b, size_t length) CC_HINT(nonnull); -void fr_memset_secure(void *ptr, size_t len); - #ifdef __cplusplus } #endif diff --git a/src/lib/util/missing.c b/src/lib/util/missing.c index 10c2aa7b44a..9a74ab355e0 100644 --- a/src/lib/util/missing.c +++ b/src/lib/util/missing.c @@ -615,3 +615,25 @@ do_close: return; } #endif + +#ifndef HAVE_MEMSET_EXPLICIT +void *memset_explicit(void *ptr, int ch, size_t len) +{ + if (!len) return ptr; + +#ifdef HAVE_EXPLICIT_BZERO + explicit_bzero(ptr, len); +#else + { + volatile unsigned char *volatile p = (volatile unsigned char *volatile) ptr; + size_t i = len; + + while (i--) { + *(p++) = ch; + } + } +#endif + + return ptr; +} +#endif diff --git a/src/lib/util/pair.c b/src/lib/util/pair.c index 66f3f33fe49..bfc26ccbe2b 100644 --- a/src/lib/util/pair.c +++ b/src/lib/util/pair.c @@ -89,11 +89,11 @@ static int _fr_pair_free(fr_pair_t *vp) case FR_TYPE_STRING: case FR_TYPE_OCTETS: - if (vp->data.secret) fr_memset_secure(vp->vp_ptr, vp->vp_length); + if (vp->data.secret) memset_explicit(vp->vp_ptr, 0, vp->vp_length); break; default: - if (vp->data.secret) fr_memset_secure(&vp->data, sizeof(vp->data)); + if (vp->data.secret) memset_explicit(&vp->data, 0, sizeof(vp->data)); break; } diff --git a/src/lib/util/value.c b/src/lib/util/value.c index 1ba981b93f8..6069b3e5ae4 100644 --- a/src/lib/util/value.c +++ b/src/lib/util/value.c @@ -3525,7 +3525,7 @@ void fr_value_box_clear_value(fr_value_box_t *data) switch (data->type) { case FR_TYPE_OCTETS: case FR_TYPE_STRING: - if (data->secret) fr_memset_secure(data->datum.ptr, data->vb_length); + if (data->secret) memset_explicit(data->datum.ptr, 0, data->vb_length); talloc_free(data->datum.ptr); break;