From: Martin Willi Date: Fri, 3 May 2013 12:17:37 +0000 (+0200) Subject: In memwipe_check(), don't put magic on stack when calling do_magic() X-Git-Tag: 5.1.0dr1~176 X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=9312fbc73d95587cc7abee146f8d92dc814497ab;p=thirdparty%2Fstrongswan.git In memwipe_check(), don't put magic on stack when calling do_magic() Otherwise the magic might be on the stack while checking it. --- diff --git a/src/libstrongswan/library.c b/src/libstrongswan/library.c index 170bc9f4b8..d3ba49f46f 100644 --- a/src/libstrongswan/library.c +++ b/src/libstrongswan/library.c @@ -164,7 +164,7 @@ static bool equals(char *a, char *b) * Write magic to memory, and try to clear it with memwipe() */ __attribute__((noinline)) -static void do_magic(int magic, int **stack) +static void do_magic(int *magic, int **stack) { int buf[MEMWIPE_WIPE_WORDS], i; @@ -172,7 +172,7 @@ static void do_magic(int magic, int **stack) *stack = &i; for (i = 0; i < countof(buf); i++) { - buf[i] = magic; + buf[i] = *magic; } /* passing buf to dbg should make sure the compiler can't optimize out buf. * we use directly dbg(3), as DBG3() might be stripped with DEBUG_LEVEL. */ @@ -187,7 +187,7 @@ static bool check_memwipe() { int magic = 0xCAFEBABE, *ptr, *deeper, i, stackdir = 1; - do_magic(magic, &deeper); + do_magic(&magic, &deeper); ptr = &magic; if (deeper < ptr)