[egg] Function for clearing secure memory.

author Stefan Walter <Stefan Walter>

Sat, 8 Aug 2009 02:06:17 +0000 (02:06 +0000)

committer Stefan Walter <Stefan Walter>

Sat, 8 Aug 2009 02:06:43 +0000 (02:06 +0000)
author Stefan Walter <Stefan Walter>
Sat, 8 Aug 2009 02:06:17 +0000 (02:06 +0000)
committer Stefan Walter <Stefan Walter>
Sat, 8 Aug 2009 02:06:43 +0000 (02:06 +0000)
diff --git a/egg/egg-secure-memory.c b/egg/egg-secure-memory.c

index 36c4e6a..3e48b0b 100644 (file)
--- a/egg/egg-secure-memory.c
+++ b/egg/egg-secure-memory.c
@@ -1197,21 +1197,27 @@ egg_secure_strdup (const char *str)
  }
  
  void
-egg_secure_strclear (char *str)
+egg_secure_clear (void *p, size_t length)
  {
         volatile char *vp;
-       size_t len;
  
-       if (!str)
+       if (p == NULL)
                 return;
  
-        vp = (volatile char*)str;
-               len = strlen (str);
-        while (len) {
-               *vp = 0xAA;
-               vp++;
-               len--;
-        }
+        vp = (volatile char*)p;
+        while (length) {
+               *vp = 0xAA;
+               vp++;
+               length--;
+       }
+}
+
+void
+egg_secure_strclear (char *str)
+{
+       if (!str)
+               return;
+       egg_secure_clear ((unsigned char*)str, strlen (str));
  }
  
  void
diff --git a/egg/egg-secure-memory.h b/egg/egg-secure-memory.h

index 7e23f40..6d412cd 100644 (file)
--- a/egg/egg-secure-memory.h
+++ b/egg/egg-secure-memory.h
@@ -76,6 +76,8 @@ void   egg_secure_free         (void* p);
  
  void   egg_secure_free_full    (void* p, int fallback);
  
+void   egg_secure_clear        (void *p, size_t length);
+
  int    egg_secure_check        (const void* p);
  
  void   egg_secure_validate     (void);
diff --git a/egg/tests/unit-test-secmem.c b/egg/tests/unit-test-secmem.c

index c3ce17d..e914986 100644 (file)
--- a/egg/tests/unit-test-secmem.c
+++ b/egg/tests/unit-test-secmem.c
@@ -204,3 +204,34 @@ DEFINE_TEST(secmem_multialloc)
  
         egg_secure_warnings = 1;
  }
+
+DEFINE_TEST(secmem_clear)
+{
+       gpointer p;
+
+       p = egg_secure_alloc_full (188, 0);
+       g_assert (p != NULL);
+       memset (p, 0x89, 188);
+       g_assert (memchr (p, 0x89, 188) == p);
+
+       egg_secure_clear (p, 188);
+       g_assert (memchr (p, 0x89, 188) == NULL);
+
+       egg_secure_free_full (p, 0);
+}
+
+DEFINE_TEST(secmem_strclear)
+{
+       gchar *str;
+
+       str = egg_secure_strdup ("secret");
+       g_assert (str != NULL);
+       g_assert_cmpuint (strlen (str), ==, 6);
+       g_assert (strchr (str, 't') == str + 6);
+
+       egg_secure_strclear (str);
+       g_assert_cmpuint (strlen (str), ==, 6);
+       g_assert (strchr (str, 't') == NULL);
+
+       egg_secure_free_full (str, 0);
+}
author	Stefan Walter <Stefan Walter>
	Sat, 8 Aug 2009 02:06:17 +0000 (02:06 +0000)
committer	Stefan Walter <Stefan Walter>
	Sat, 8 Aug 2009 02:06:43 +0000 (02:06 +0000)
egg/egg-secure-memory.c		patch \| blob \| history
egg/egg-secure-memory.h		patch \| blob \| history
egg/tests/unit-test-secmem.c		patch \| blob \| history