From 2a650772b4e1c78a4fd20bc88433930e5551fe9c Mon Sep 17 00:00:00 2001
From: Jussi Kivilinna <jussi.kivilinna@iki.fi>
Date: Sat, 1 Dec 2018 13:43:09 +0200
Subject: common/mischelp: use platform memory zeroing function for wipememory

* common/mischelp.h (wipememory): Replace macro with function
prototype.
(wipememory2): Remove.
* common/mischelp.c (wipememory): New.
* configure.ac (AC_CHECK_FUNCS): Check for 'explicit_bzero'.
--

In new wipememory function, memory is cleared through platform
provided secure memory zeroing function, SecureZeroMemory
or explicit_bzero.

If none of these is available, memset is called through
volatile function pointer to so that compiler won't optimize
away the call.

Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
---
 common/mischelp.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'common/mischelp.c')

diff --git a/common/mischelp.c b/common/mischelp.c
index 75ba60714..81dd501f8 100644
--- a/common/mischelp.c
+++ b/common/mischelp.c
@@ -49,6 +49,22 @@
 #include "mischelp.h"
 
 
+void
+wipememory (void *ptr, size_t len)
+{
+#if defined(HAVE_W32_SYSTEM) && defined(SecureZeroMemory)
+  SecureZeroMemory (ptr, len);
+#elif defined(HAVE_EXPLICIT_BZERO)
+  explicit_bzero (ptr, len);
+#else
+  /* Prevent compiler from optimizing away the call to memset by accessing
+     memset through volatile pointer. */
+  static void *(*volatile memset_ptr)(void *, int, size_t) = (void *)memset;
+  memset_ptr (ptr, 0, len);
+#endif
+}
+
+
 /* Check whether the files NAME1 and NAME2 are identical.  This is for
    example achieved by comparing the inode numbers of the files.  */
 int
-- 
cgit v1.2.3