From: Vsevolod Stakhov
Date: Tue, 3 Feb 2015 22:03:22 +0000 (+0000)
Subject: Add explicit_memzero function.
X-Git-Tag: 0.9.0~771
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=b5e9a22e49f6b7fe817f398898095f521de35ad7;p=rspamd.git
Add explicit_memzero function.
---
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 96a4b6bd1..4bad6643c 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -728,8 +728,15 @@ CHECK_FUNCTION_EXISTS(mkstemp HAVE_MKSTEMP)
 CHECK_FUNCTION_EXISTS(setitimer HAVE_SETITIMER)
 CHECK_FUNCTION_EXISTS(inet_pton HAVE_INET_PTON)
 CHECK_FUNCTION_EXISTS(clock_gettime HAVE_CLOCK_GETTIME)
+CHECK_FUNCTION_EXISTS(memset_s HAVE_MEMSET_S)
+CHECK_FUNCTION_EXISTS(explicit_bzero HAVE_EXPLICIT_BZERO)
+CHECK_C_SOURCE_COMPILES(
+"#include
+void cmkcheckweak() __attribute__((weak));
+int main(int argc, char** argv) {
+ return cmkcheckweak == NULL;
+}" HAVE_WEAK_SYMBOLS)
-#
 # Check macros
 CHECK_SYMBOL_EXISTS(PATH_MAX limits.h HAVE_PATH_MAX)
diff --git a/config.h.in b/config.h.in
index 0520da671..c1e819fb2 100644
--- a/config.h.in
+++ b/config.h.in
@@ -221,6 +221,10 @@
 #cmakedefine HAVE_SCHED_YEILD 1
 #cmakedefine HAVE_PTHREAD_PROCESS_SHARED 1
+#cmakedefine HAVE_MEMSET_S 1
+#cmakedefine HAVE_EXPLICIT_BZERO 1
+#cmakedefine HAVE_WEAK_SYMBOLS 1
+
 /* Configure allocator */
 #define uthash_malloc(sz) g_slice_alloc(sz)
 #define uthash_free(ptr,sz) g_slice_free1(sz, ptr)
diff --git a/src/libutil/util.c b/src/libutil/util.c
index f88ed8e72..9b9d17fb0 100644
--- a/src/libutil/util.c
+++ b/src/libutil/util.c
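Review bot: In the CMakeLists.txt hunk, `CHECK_FUNCTION_EXISTS(memset_s HAVE_MEMSET_S)` only proves that the symbol links; it does not prove that `<string.h>` declares `memset_s` and `rsize_t`, which C11 Annex K exposes only when `__STDC_WANT_LIB_EXT1__` is defined to 1 before the include. Nothing visible in this commit defines that macro, so on a libc that ships the symbol the `HAVE_MEMSET_S` branch in util.c may fail to compile or end up with an implicit declaration. A `CHECK_C_SOURCE_COMPILES` probe that starts with `#define __STDC_WANT_LIB_EXT1__ 1` and actually calls `memset_s`, with the same define placed ahead of the include in util.c, would keep the probe and the use in agreement. The removed `#` line above `# Check macros` looks unrelated to the change and is probably unintentional.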
@@ -2201,3 +2201,33 @@ randombytes (guchar *buf, guint64 len)
 {
 ottery_rand_bytes (buf, (size_t)len);
 }
+
+#ifdef HAVE_WEAK_SYMBOLS
+__attribute__((weak)) void
+_dummy_symbol_to_prevent_lto(void * const pnt, const size_t len)
+{
+ (void) pnt;
+ (void) len;
+}
+#endif
+
+void
+rspamd_explicit_memzero(void * const pnt, const gsize len)
+{
+#if defined(HAVE_MEMSET_S)
+ if (memset_s (pnt, (rsize_t) len, 0, (rsize_t) len) != 0) {
+ g_assert (0);
+ }
+#elif defined(HAVE_EXPLICIT_BZERO)
+ explicit_bzero (pnt, len);
+#elif defined(HAVE_WEAK_SYMBOLS)
+ memset (pnt, 0, len);
+ _dummy_symbol_to_prevent_lto (pnt, len);
+#else
+ volatile unsigned char *pnt_ = (volatile unsigned char *) pnt;
+ gsize i = (gsize) 0U;
+ while (i < len) {
+ pnt_[i++] = 0U;
+ }
+#endif
+}
diff --git a/src/libutil/util.h b/src/libutil/util.h
index fd584938f..704bc3d63 100644
--- a/src/libutil/util.h
+++ b/src/libutil/util.h
@@ -434,4 +434,11 @@ gchar * rspamd_encode_base32 (const guchar *in, gsize inlen);
 */
 guchar* rspamd_decode_base32 (const gchar *in, gsize inlen, gsize *outlen);
+/**
+ * Securely clear the buffer specified
+ * @param buf
+ * @param buflen
+ */
+void rspamd_explicit_memzero (void * const buf, gsize buflen);
+
 #endif
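Review bot: In the util.c hunk, the `HAVE_MEMSET_S` branch of `rspamd_explicit_memzero` reports failure with `g_assert (0);`, which GLib compiles to nothing under `G_DISABLE_ASSERT`, so a failed wipe would pass silently and the secret would stay in memory. `memset_s` also returns an error for a NULL pointer or a length above `RSIZE_MAX`, so this branch aborts on a call such as (NULL, 0) that the volatile-loop fallback accepts as a no-op. Replacing the assert with an unconditional failure such as `g_error ("memset_s failed");` and returning early on `len == 0` would make the four branches behave alike. `_dummy_symbol_to_prevent_lto` is an exported, underscore-prefixed name; a project prefix would avoid a clash with another library that carries the same weak-symbol helper.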
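Review bot: In the util.h hunk, the doc comment on `rspamd_explicit_memzero` leaves both `@param` tags empty and does not say what "securely" guarantees. I would write `@param buf buffer to wipe` and `@param buflen number of bytes to overwrite with zeroes`, and add one line stating that the store is meant to survive optimization, unlike a plain `memset` on memory that is about to be released. The prototype's parameter names (`buf`, `buflen`) also differ from the definition in util.c (`pnt`, `len`); using one pair in both places makes the function easier to search for.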