prevent memset() from being optimized out.

author Nikos Mavrogiannopoulos <nmav@gnutls.org>

Sat, 10 May 2014 11:49:32 +0000 (13:49 +0200)

committer Nikos Mavrogiannopoulos <nmav@gnutls.org>

Sat, 10 May 2014 11:51:25 +0000 (13:51 +0200)
author Nikos Mavrogiannopoulos <nmav@gnutls.org>
Sat, 10 May 2014 11:49:32 +0000 (13:49 +0200)
committer Nikos Mavrogiannopoulos <nmav@gnutls.org>
Sat, 10 May 2014 11:51:25 +0000 (13:51 +0200)
diff --git a/lib/gstr.h b/lib/gstr.h

index 51db059..34e8153 100644 (file)
--- a/lib/gstr.h
+++ b/lib/gstr.h
@@ -25,3 +25,18 @@ void _asn1_str_cat (char *dest, size_t dest_tot_size, const char *src);
  
  #define Estrcpy(x,y) _asn1_str_cpy(x,ASN1_MAX_ERROR_DESCRIPTION_SIZE,y)
  #define Estrcat(x,y) _asn1_str_cat(x,ASN1_MAX_ERROR_DESCRIPTION_SIZE,y)
+
+inline static
+void safe_memset(void *data, int c, size_t size)
+{
+       volatile unsigned volatile_zero = 0;
+       volatile char *vdata = (volatile char*)data;
+
+       /* This is based on a nice trick for safe memset,
+        * sent by David Jacobson in the openssl-dev mailing list.
+        */
+
+       do {
+               memset(data, c, size);
+       } while(vdata[volatile_zero] != c);
+}
diff --git a/lib/parser_aux.c b/lib/parser_aux.c

index b5f665d..6b34512 100644 (file)
--- a/lib/parser_aux.c
+++ b/lib/parser_aux.c
@@ -458,8 +458,9 @@ _asn1_remove_node (asn1_node node, unsigned int flags)
    if (node == NULL)
      return;
  
-  if (flags & ASN1_DELETE_FLAG_ZEROIZE)
-    memset(node->value, 0, node->value_len);
+  if (flags & ASN1_DELETE_FLAG_ZEROIZE && node->value) {
+    safe_memset(node->value, 0, node->value_len);
+  }
  
    if (node->value != NULL && node->value != node->small_value)
      free (node->value);
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>
	Sat, 10 May 2014 11:49:32 +0000 (13:49 +0200)
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>
	Sat, 10 May 2014 11:51:25 +0000 (13:51 +0200)
lib/gstr.h		patch \| blob \| history
lib/parser_aux.c		patch \| blob \| history