Add explicit_memzero function.

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 96a4b6bd14d6d116b5860a9863799e7d42f7b040..4bad6643cd5cd93e99bf80b07b98ed3101ae13d6 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -728,8 +728,15 @@ CHECK_FUNCTION_EXISTS(mkstemp HAVE_MKSTEMP)
 CHECK_FUNCTION_EXISTS(setitimer HAVE_SETITIMER)
 CHECK_FUNCTION_EXISTS(inet_pton HAVE_INET_PTON)
 CHECK_FUNCTION_EXISTS(clock_gettime HAVE_CLOCK_GETTIME)
+CHECK_FUNCTION_EXISTS(memset_s HAVE_MEMSET_S)
+CHECK_FUNCTION_EXISTS(explicit_bzero HAVE_EXPLICIT_BZERO)
+CHECK_C_SOURCE_COMPILES(
+"#include <stddef.h>
+void cmkcheckweak() __attribute__((weak));
+int main(int argc, char** argv) {
+  return cmkcheckweak == NULL;
+}" HAVE_WEAK_SYMBOLS)
 
-# 
 
 # Check macros
 CHECK_SYMBOL_EXISTS(PATH_MAX limits.h HAVE_PATH_MAX)

diff --git a/config.h.in b/config.h.in
index 0520da6715335b962d5f29302d4d80bbd7a44b86..c1e819fb2caf5eca9fd81666bae24e9765a38938 100644 (file)
--- a/config.h.in
+++ b/config.h.in
@@ -221,6 +221,10 @@
 #cmakedefine HAVE_SCHED_YEILD    1
 #cmakedefine HAVE_PTHREAD_PROCESS_SHARED 1
 
+#cmakedefine HAVE_MEMSET_S       1
+#cmakedefine HAVE_EXPLICIT_BZERO 1
+#cmakedefine HAVE_WEAK_SYMBOLS   1
+
 /* Configure allocator */
 #define uthash_malloc(sz) g_slice_alloc(sz)
 #define uthash_free(ptr,sz) g_slice_free1(sz, ptr)

diff --git a/src/libutil/util.c b/src/libutil/util.c
index f88ed8e723d62cc00665508c56841f847924d8a3..9b9d17fb044bf8961e0e0b1d04419c2718561711 100644 (file)
--- a/src/libutil/util.c
+++ b/src/libutil/util.c
@@ -2201,3 +2201,33 @@ randombytes (guchar *buf, guint64 len)
 {
        ottery_rand_bytes (buf, (size_t)len);
 }
+
+#ifdef HAVE_WEAK_SYMBOLS
+__attribute__((weak)) void
+_dummy_symbol_to_prevent_lto(void * const pnt, const size_t len)
+{
+       (void) pnt;
+       (void) len;
+}
+#endif
+
+void
+rspamd_explicit_memzero(void * const pnt, const gsize len)
+{
+#if defined(HAVE_MEMSET_S)
+       if (memset_s (pnt, (rsize_t) len, 0, (rsize_t) len) != 0) {
+               g_assert (0);
+       }
+#elif defined(HAVE_EXPLICIT_BZERO)
+       explicit_bzero (pnt, len);
+#elif defined(HAVE_WEAK_SYMBOLS)
+       memset (pnt, 0, len);
+       _dummy_symbol_to_prevent_lto (pnt, len);
+#else
+       volatile unsigned char *pnt_ = (volatile unsigned char *) pnt;
+       gsize i = (gsize) 0U;
+       while (i < len) {
+               pnt_[i++] = 0U;
+       }
+#endif
+}

diff --git a/src/libutil/util.h b/src/libutil/util.h
index fd584938f9869af5f91cc007d66cfacc10e1cc00..704bc3d63d28a13d92400b8366c0a61fde122ae3 100644 (file)
--- a/src/libutil/util.h
+++ b/src/libutil/util.h
@@ -434,4 +434,11 @@ gchar * rspamd_encode_base32 (const guchar *in, gsize inlen);
  */
 guchar* rspamd_decode_base32 (const gchar *in, gsize inlen, gsize *outlen);
 
+/**
+ * Securely clear the buffer specified
+ * @param buf
+ * @param buflen
+ */
+void rspamd_explicit_memzero (void * const buf, gsize buflen);
+
 #endif