return -EINVAL;
}
+/*
+ * Replacement for memset(s, 0, n) on stack that can be optimized out
+ * Also used in safe allocations for explicit memory wipe.
+ */
+void crypt_memzero(void *s, size_t n)
+{
+ volatile uint8_t *p = (volatile uint8_t *)s;
+
+ while(n--)
+ *p++ = 0;
+}
+
/* safe allocations */
void *crypt_safe_alloc(size_t size)
{
return NULL;
alloc->size = size;
- memset(&alloc->data, 0, size);
+ crypt_memzero(&alloc->data, size);
/* coverity[leaked_storage] */
return &alloc->data;
alloc = (struct safe_allocation *)
((char *)data - offsetof(struct safe_allocation, data));
- memset(data, 0, alloc->size);
+ crypt_memzero(data, alloc->size);
alloc->size = 0x55aa55aa;
free(alloc);
static int timed_read(int fd, char *pass, size_t maxlen, long timeout)
{
struct timeval t;
- fd_set fds;
+ fd_set fds = {}; /* Just to avoid scan-build false report for FD_SET */
int failed = -1;
FD_ZERO(&fds);
{
struct termios orig, tmp;
int failed = -1;
- int infd = STDIN_FILENO, outfd;
+ int infd, outfd;
if (maxlen < 1)
- goto out_err;
+ return failed;
/* Read and write to /dev/tty if available */
- if ((infd = outfd = open("/dev/tty", O_RDWR)) == -1) {
+ infd = open("/dev/tty", O_RDWR);
+ if (infd == -1) {
infd = STDIN_FILENO;
outfd = STDERR_FILENO;
- }
+ } else
+ outfd = infd;
if (tcgetattr(infd, &orig))
goto out_err;