From: Alan T. DeKok <aland@freeradius.org>
Date: Thu, 27 Jul 2023 22:53:03 +0000 (-0700)
Subject: add and use fr_memset_secure()
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=87c131e5088d904a26499d06e7b660c21fd28af3;p=thirdparty%2Ffreeradius-server.git

add and use fr_memset_secure()

we will update the configure scripts later
---

diff --git a/src/lib/util/misc.c b/src/lib/util/misc.c
index 48db1bd21fd..b9f83820048 100644
--- a/src/lib/util/misc.c
+++ b/src/lib/util/misc.c
@@ -469,3 +469,23 @@ int fr_digest_cmp(uint8_t const *a, uint8_t const *b, size_t length)
 
 	return result;		/* 0 is OK, !0 is !OK, just like memcmp */
 }
+
+void fr_memset_secure(void *ptr, size_t len)
+{
+	if (!len) return;
+
+#if defined(HAVE_MEMSET_S)
+	(void) memset_s(ptr, len, 0, len);
+
+#elif defined(HAVE_EXPLICIT_BZERO)
+	explicit_bzero(ptr, len);
+
+#else
+	volatile unsigned char *volatile p =  (volatile unsigned char *volatile) ptr;
+	size_t i = len;
+	
+	while (i--) {
+		*(p++) = 0;
+	}
+#endif
+}
diff --git a/src/lib/util/misc.h b/src/lib/util/misc.h
index ccafef1880c..54aa328f364 100644
--- a/src/lib/util/misc.h
+++ b/src/lib/util/misc.h
@@ -171,6 +171,8 @@ int8_t		fr_pointer_cmp(void const *a, void const *b);
 void		fr_quick_sort(void const *to_sort[], int min_idx, int max_idx, fr_cmp_t cmp);
 int		fr_digest_cmp(uint8_t const *a, uint8_t const *b, size_t length) CC_HINT(nonnull);
 
+void		fr_memset_secure(void *ptr, size_t len);
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/src/lib/util/pair.c b/src/lib/util/pair.c
index 2c52255ecc1..66f3f33fe49 100644
--- a/src/lib/util/pair.c
+++ b/src/lib/util/pair.c
@@ -87,7 +87,13 @@ static int _fr_pair_free(fr_pair_t *vp)
 		fr_pair_list_free(&vp->vp_group);
 		break;
 
+	case FR_TYPE_STRING:
+	case FR_TYPE_OCTETS:
+		if (vp->data.secret) fr_memset_secure(vp->vp_ptr, vp->vp_length);
+		break;
+
 	default:
+		if (vp->data.secret) fr_memset_secure(&vp->data, sizeof(vp->data));
 		break;
 	}
 
diff --git a/src/lib/util/value.c b/src/lib/util/value.c
index 8ff187ea9f7..1ba981b93f8 100644
--- a/src/lib/util/value.c
+++ b/src/lib/util/value.c
@@ -3525,6 +3525,7 @@ void fr_value_box_clear_value(fr_value_box_t *data)
 	switch (data->type) {
 	case FR_TYPE_OCTETS:
 	case FR_TYPE_STRING:
+		if (data->secret) fr_memset_secure(data->datum.ptr, data->vb_length);
 		talloc_free(data->datum.ptr);
 		break;