author | Tom Hacohen <tom@stosb.com> | 2015-04-21 10:07:42 +0100 |
---|---|---|
committer | Tom Hacohen <tom@stosb.com> | 2015-04-21 10:19:48 +0100 |
commit | acfdda6c7fbfdb376613b47b5980642877e1e25c (patch) | |
tree | a6d7e0aa6501151ecb4e5af2c20950a17169cb3f /src/modules/lokker | |
parent | 9eaac75ae299c290872a24b68bc34e816c5568eb (diff) | |
download | enlightenment-acfdda6c7fbfdb376613b47b5980642877e1e25c.tar.gz |
E auth: improve clearing out passwords from memory.

Optimising compilers (like gcc/clang with -O1 or above) were optimising
out the memset(). Until link time optimisations are good enough, this
will prevent them from doing so. The best solution would be to use
memset_s() (C11), though it's not readily available yet. This is the
first step towards using memset_s() with a fallback for systems that
don't have it. A better solution is to put it in Eina, to prevent LTO
completely. This will have to be done after the EFL release.

Even this is not entirely safe though, but at least it protects us from
some memory disclosure issues.

This doesn't solve the fact that we may store a copy of the password in
other places, like the input system. We need to address that too.

Thanks to Matthew Garrett for pointing this out on Twitter.
Diffstat (limited to 'src/modules/lokker')
-rw-r--r-- | src/modules/lokker/lokker.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/src/modules/lokker/lokker.c b/src/modules/lokker/lokker.c index fdc75178d0..a9ecfbf4a2 100644 --- a/src/modules/lokker/lokker.c +++ b/src/modules/lokker/lokker.c @@ -96,10 +96,8 @@ _text_passwd_update(void) static void _lokker_null(void) { - memset(edd->passwd, 0, sizeof(char) * PASSWD_LEN); - /* break compiler optimization */ - if (edd->passwd[0] || edd->passwd[3]) - fprintf(stderr, "ACK!\n"); + e_util_memclear(edd->passwd, PASSWD_LEN); + _text_passwd_update(); } |
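Review bot: In `_lokker_null()`, the removed `/* break compiler optimization */` comment was the only in-code record that this clear has to survive dead-store elimination, and the new `e_util_memclear(edd->passwd, PASSWD_LEN);` line carries no replacement. A one-line comment at the call site saying that the buffer holds the password and must be wiped with the non-elidable helper would stop a later cleanup from swapping it back to a plain `memset()`. The definition of `e_util_memclear()` is not part of this lokker-only diff, so whether it actually resists optimisation (and link-time optimisation, which the commit message itself flags as a remaining gap) has to be reviewed where the helper is defined. If `edd->passwd` is a fixed-size array, passing `sizeof(edd->passwd)` instead of `PASSWD_LEN` would keep the wipe length tied to the buffer declaration rather than to a macro that can drift from it.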