diff options
author | Thomas Haller <thaller@redhat.com> | 2019-04-02 19:20:43 +0200 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2019-04-02 19:30:33 +0200 |
commit | 61aad8cda475a07d579a85f209696d1ff8fd3e84 (patch) | |
tree | af39944f9e5c782274ab7f59e4a1887361b45533 | |
parent | e504b7fc96d57363ab8c95cb846692d5ccfb2624 (diff) | |
download | NetworkManager-61aad8cda475a07d579a85f209696d1ff8fd3e84.tar.gz |
shared: better implement compat version of explicit_bzero()
If we don't have explicit_bzero(), try a bit harder and use
a volatile pointer.
This is also what libsecret's egg_secure_clear() does [1]. However, for
us this is less important, because commonly we expect glibc to provide
a useable explicit_bzero().
[1] https://gitlab.gnome.org/GNOME/libsecret/blob/b5442654d483e959ac9ecd3a3fb9eebc8d9d8399/egg/egg-secure-memory.c#L1352
-rw-r--r-- | shared/nm-utils/nm-secret-utils.c | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/shared/nm-utils/nm-secret-utils.c b/shared/nm-utils/nm-secret-utils.c index ec5cc6b1b3..81f8b5aeef 100644 --- a/shared/nm-utils/nm-secret-utils.c +++ b/shared/nm-utils/nm-secret-utils.c @@ -30,15 +30,22 @@ void nm_explicit_bzero (void *s, gsize n) { /* gracefully handle n == 0. This is important, callers rely on it. */ - if (n > 0) { - nm_assert (s); + if (n == 0) + return; + + nm_assert (s); + #if defined (HAVE_DECL_EXPLICIT_BZERO) && HAVE_DECL_EXPLICIT_BZERO - explicit_bzero (s, n); + explicit_bzero (s, n); #else - /* don't bother with a workaround. Use a reasonable glibc. */ - memset (s, 0, n); -#endif + { + volatile guint8 *p = s; + + memset (s, '\0', n); + while (n-- > 0) + *(p++) = '\0'; } +#endif } /*****************************************************************************/ |