[tor-commits] [tor/master] Use memset_s or explicit_bzero when available.
nickm at torproject.org
nickm at torproject.org
Thu Jan 7 20:53:29 UTC 2016
commit 3783046f3b519533fc721472f38ccf437d2d12a5
Author: Nick Mathewson <nickm at torproject.org>
Date: Thu Jan 7 12:53:24 2016 -0800
Use memset_s or explicit_bzero when available.
---
changes/7419 | 7 +++++++
configure.ac | 2 ++
src/common/crypto.c | 8 ++++++++
3 files changed, 17 insertions(+)
diff --git a/changes/7419 b/changes/7419
new file mode 100644
index 0000000..b792e8f
--- /dev/null
+++ b/changes/7419
@@ -0,0 +1,7 @@
+ o Minor enhancement (security):
+ - Use explicit_bzero when present
+ from <logan at hackers.mu>.
+ - Use memset_s when present
+ from <selven at hackers.mu>
+
+ 625538405474972d627b26d7a250ea36 (:
diff --git a/configure.ac b/configure.ac
index 7dfab58..b62b4d3 100644
--- a/configure.ac
+++ b/configure.ac
@@ -381,6 +381,7 @@ AC_CHECK_FUNCS(
backtrace_symbols_fd \
clock_gettime \
eventfd \
+ explicit_bzero \
timingsafe_memcmp \
flock \
ftime \
@@ -399,6 +400,7 @@ AC_CHECK_FUNCS(
localtime_r \
lround \
memmem \
+ memset_s \
pipe \
pipe2 \
prctl \
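Review bot: The `memset_s \` entry added to this AC_CHECK_FUNCS list only proves that the symbol links, not that a prototype is visible to the caller. C11 Annex K exposes memset_s from <string.h> only when `__STDC_WANT_LIB_EXT1__` is defined before the include, and whether src/common/crypto.c defines it is not visible in this commit. If it does not, HAVE_MEMSET_S can be set while the call compiles against an implicit declaration. Consider adding `#define __STDC_WANT_LIB_EXT1__ 1` ahead of the string.h include in crypto.c, or gating on a declaration check such as `AC_CHECK_DECLS([memset_s], [], [], [[#include <string.h>]])`. The AC_CHECK_FUNCS list starts and ends outside the hunk.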
diff --git a/src/common/crypto.c b/src/common/crypto.c
index bcb06e0..e62cc0a 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -2970,7 +2970,15 @@ memwipe(void *mem, uint8_t byte, size_t sz)
* ...or maybe not. In practice, there are pure-asm implementations of
* OPENSSL_cleanse() on most platforms, which ought to do the job.
**/
+
+#ifdef HAVE_EXPLICIT_BZERO
+ explicit_bzero(mem, sz);
+#elif HAVE_MEMSET_S
+ memset_s( mem, sz, 0, sz );
+#else
OPENSSL_cleanse(mem, sz);
+#endif
+
/* Just in case some caller of memwipe() is relying on getting a buffer
* filled with a particular value, fill the buffer.
*
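Review bot: The `memset_s( mem, sz, 0, sz );` branch discards the return value, so a wipe that fails would go unnoticed. Under C11 Annex K a size above RSIZE_MAX is a runtime-constraint violation in which nothing is written, and this branch no longer reaches OPENSSL_cleanse as a fallback. Checking the result keeps the old guarantee: `if (memset_s(mem, sz, 0, sz) != 0) OPENSSL_cleanse(mem, sz);`. Separately, `#elif HAVE_MEMSET_S` tests the macro's value while the line above uses `#ifdef`; `#elif defined(HAVE_MEMSET_S)` is consistent and avoids a -Wundef warning when configure leaves the macro undefined. memwipe's body begins and ends outside the hunk, so any size check done before this point is not visible here.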