From: Thomas Weißschuh <thomas@t-8ch.de>
Date: Sun, 24 Dec 2023 12:50:40 +0000 (+0100)
Subject: sha1: properly wipe variables
X-Git-Tag: v2.40-rc1~84^2~4
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a8902e4cdd6149e5124383b25db8688dcdacd790;p=thirdparty%2Futil-linux.git

sha1: properly wipe variables

Dead stores may very well be optimized away.

Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
---

diff --git a/lib/sha1.c b/lib/sha1.c
index eedeaa84ae..2e6b44d053 100644
--- a/lib/sha1.c
+++ b/lib/sha1.c
@@ -153,7 +153,11 @@ void ul_SHA1Transform(uint32_t state[5], const unsigned char buffer[64])
 	state[3] += d;
 	state[4] += e;
 	/* Wipe variables */
-	a = b = c = d = e = 0;
+	explicit_bzero(&a, sizeof(a));
+	explicit_bzero(&b, sizeof(b));
+	explicit_bzero(&c, sizeof(c));
+	explicit_bzero(&d, sizeof(d));
+	explicit_bzero(&e, sizeof(e));
 #ifdef UL_SHA1HANDSOFF
 	memset(block, '\0', sizeof(block));
 #endif