authorJussi Kivilinna <jussi.kivilinna@iki.fi>2018-12-01 12:43:09 +0100
committerJussi Kivilinna <jussi.kivilinna@iki.fi>2018-12-01 12:43:09 +0100
commit2a650772b4e1c78a4fd20bc88433930e5551fe9c (patch)
tree1ec63e3e9e09cba7dcaf080517379625769b98e0
parentscd: Add strerror to new error message. (diff)
common/mischelp: use platform memory zeroing function for wipememory
* common/mischelp.h (wipememory): Replace macro with function prototype. (wipememory2): Remove. * common/mischelp.c (wipememory): New. * configure.ac (AC_CHECK_FUNCS): Check for 'explicit_bzero'. -- In new wipememory function, memory is cleared through platform provided secure memory zeroing function, SecureZeroMemory or explicit_bzero. If none of these is available, memset is called through a volatile function pointer so that the compiler won't optimize away the call. Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
-rw-r--r--common/mischelp.c16
-rw-r--r--common/mischelp.h12
-rw-r--r--configure.ac20
3 files changed, 29 insertions, 19 deletions
diff --git a/common/mischelp.c b/common/mischelp.c
index 75ba60714..81dd501f8 100644
--- a/common/mischelp.c
+++ b/common/mischelp.c
@@ -49,6 +49,22 @@
#include "mischelp.h"
+void
+wipememory (void *ptr, size_t len)
+{
+#if defined(HAVE_W32_SYSTEM) && defined(SecureZeroMemory)
+ SecureZeroMemory (ptr, len);
+#elif defined(HAVE_EXPLICIT_BZERO)
+ explicit_bzero (ptr, len);
+#else
+ /* Prevent compiler from optimizing away the call to memset by accessing
+ memset through volatile pointer. */
+ static void *(*volatile memset_ptr)(void *, int, size_t) = (void *)memset;
+ memset_ptr (ptr, 0, len);
+#endif
+}
+
+
/* Check whether the files NAME1 and NAME2 are identical. This is for
example achieved by comparing the inode numbers of the files. */
int
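Review bot: The first branch of `wipememory` is taken only when `SecureZeroMemory` is a preprocessor macro at that point, which holds only if `<windows.h>` (or whichever header defines it) was included earlier in the file. The hunk does not show that include, so if it is missing, a W32 build silently falls through to `explicit_bzero` or the `memset` fallback with no diagnostic. I would record the dependency next to the test, e.g. `/* SecureZeroMemory is a macro from <windows.h>; that header must be included above. */`. The fallback comment could also say that the volatile function pointer is a best-effort technique rather than a guarantee of the C standard, and that `(void *)memset` converts a function pointer through an object pointer type, which ISO C leaves undefined even though the supported platforms accept it.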
diff --git a/common/mischelp.h b/common/mischelp.h
index 18ec96edf..bdee5a443 100644
--- a/common/mischelp.h
+++ b/common/mischelp.h
@@ -47,15 +47,9 @@ time_t timegm (struct tm *tm);
#define DIM(v) (sizeof(v)/sizeof((v)[0]))
#define DIMof(type,member) DIM(((type *)0)->member)
-/* To avoid that a compiler optimizes certain memset calls away, these
- macros may be used instead. */
-#define wipememory2(_ptr,_set,_len) do { \
- volatile char *_vptr=(volatile char *)(_ptr); \
- size_t _vlen=(_len); \
- while(_vlen) { *_vptr=(_set); _vptr++; _vlen--; } \
- } while(0)
-#define wipememory(_ptr,_len) wipememory2(_ptr,0,_len)
-
+/* To avoid that a compiler optimizes certain memset calls away,
+ wipememory function may be used instead. */
+void wipememory(void *ptr, size_t len);
/* Include hacks which are mainly required for Slowaris. */
#ifdef GNUPG_COMMON_NEED_AFLOCAL
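Review bot: The new comment above the `wipememory` prototype does not state the function's contract, and that contract differs from the macro it replaces. The removed `wipememory2` loop ran `while(_vlen)`, so a zero length never touched the pointer. The function in common/mischelp.c hands `ptr` to `explicit_bzero` or `memset` even when `len` is 0, which is undefined for a null pointer with `memset`. I would spell this out in the header, e.g. `/* Zero LEN bytes at PTR; the stores are not optimized away. PTR must not be NULL, even if LEN is 0. */`, or add `if (!len) return;` at the top of the function if callers are known to pass NULL. The prototype is also written `wipememory(void *ptr, ...)` without the space before the parenthesis that the definition uses.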
diff --git a/configure.ac b/configure.ac
index 9d3eb41f0..89ef9398e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1400,16 +1400,16 @@ AC_FUNC_FSEEKO
AC_FUNC_VPRINTF
AC_FUNC_FORK
AC_CHECK_FUNCS([atexit canonicalize_file_name clock_gettime ctermid \
- fcntl flockfile fsync ftello ftruncate funlockfile \
- getaddrinfo getenv getpagesize getpwnam getpwuid \
- getrlimit getrusage gettimeofday gmtime_r \
- inet_ntop inet_pton isascii lstat \
- memicmp memmove memrchr mmap nl_langinfo pipe \
- raise rand setenv setlocale setrlimit sigaction \
- sigprocmask stat stpcpy strcasecmp strerror strftime \
- stricmp strlwr strncasecmp strpbrk strsep \
- strtol strtoul strtoull tcgetattr timegm times \
- ttyname unsetenv wait4 waitpid ])
+ explicit_bzero fcntl flockfile fsync ftello \
+ ftruncate funlockfile getaddrinfo getenv getpagesize \
+ getpwnam getpwuid getrlimit getrusage gettimeofday \
+ gmtime_r inet_ntop inet_pton isascii lstat memicmp \
+ memmove memrchr mmap nl_langinfo pipe raise rand \
+ setenv setlocale setrlimit sigaction sigprocmask \
+ stat stpcpy strcasecmp strerror strftime stricmp \
+ strlwr strncasecmp strpbrk strsep strtol strtoul \
+ strtoull tcgetattr timegm times ttyname unsetenv \
+ wait4 waitpid ])
# On some systems (e.g. Solaris) nanosleep requires linking to librl.
# Given that we use nanosleep only as an optimization over a select