From 1fdd8749014cf390d6ea9dd4350146473362044e Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 6 Feb 2024 16:58:24 +0100 Subject: core: New function gpgrt_wipememory. * src/init.c (_gpgrt_wipememory): New. * src/visibility.c (gpgrt_wipememory): New. * src/visibility.h: Add it. * src/gpg-error.def.in: Ditto. * src/gpg-error.vers: Ditto. -- GnuPG-bug-id: 6954 --- src/gpg-error.def.in | 6 +++++- src/gpg-error.h.in | 1 + src/gpg-error.vers | 2 ++ src/gpgrt-int.h | 1 + src/init.c | 19 +++++++++++++++++++ src/visibility.c | 7 +++++++ src/visibility.h | 2 ++ 7 files changed, 37 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/gpg-error.def.in b/src/gpg-error.def.in index c431e8b..3bd18f7 100644 --- a/src/gpg-error.def.in +++ b/src/gpg-error.def.in @@ -202,7 +202,6 @@ EXPORTS ;; gpgrt_wait_processes @157 ;; gpgrt_kill_process @158 ;; gpgrt_release_process @159 -;; gpgrt_close_all_fds @188 gpgrt_argparse @160 gpgrt_usage @161 @@ -244,5 +243,10 @@ EXPORTS gpgrt_utf8_to_wchar @186 gpgrt_wchar_to_utf8 @187 +;; API not yet finished for: +;; gpgrt_close_all_fds @188 + + gpgrt_wipememory @189 + ;; end of file with public symbols for Windows. diff --git a/src/gpg-error.h.in b/src/gpg-error.h.in index 969076c..fcf4eb6 100644 --- a/src/gpg-error.h.in +++ b/src/gpg-error.h.in @@ -472,6 +472,7 @@ void *gpgrt_calloc (size_t n, size_t m); char *gpgrt_strdup (const char *string); char *gpgrt_strconcat (const char *s1, ...) GPGRT_ATTR_SENTINEL(0); void gpgrt_free (void *a); +void gpgrt_wipememory (void *ptr, size_t len); /* diff --git a/src/gpg-error.vers b/src/gpg-error.vers index 57df10e..78a0ae8 100644 --- a/src/gpg-error.vers +++ b/src/gpg-error.vers @@ -209,6 +209,8 @@ GPG_ERROR_1.0 { gpgrt_access; + gpgrt_wipememory; + local: *; }; diff --git a/src/gpgrt-int.h b/src/gpgrt-int.h index d2b5d1c..410c483 100644 --- a/src/gpgrt-int.h +++ b/src/gpgrt-int.h @@ -121,6 +121,7 @@ void *_gpgrt_calloc (size_t n, size_t m); char *_gpgrt_strdup (const char *string); char *_gpgrt_strconcat (const char *s1, ...) GPGRT_ATTR_SENTINEL(0); void _gpgrt_free (void *a); +void _gpgrt_wipememory (void *ptr, size_t len); /* The next is only to be used by visibility.c. */ char *_gpgrt_strconcat_core (const char *s1, va_list arg_ptr); diff --git a/src/init.c b/src/init.c index 493e3ba..c4b7e56 100644 --- a/src/init.c +++ b/src/init.c @@ -412,6 +412,25 @@ _gpgrt_free (void *a) } +void +_gpgrt_wipememory (void *ptr, size_t len) +{ + if (ptr && len) + { +#if defined(HAVE_W32_SYSTEM) && defined(SecureZeroMemory) + SecureZeroMemory (ptr, len); +#elif defined(HAVE_EXPLICIT_BZERO) + explicit_bzero (ptr, len); +#else + /* Prevent compiler from optimizing away the call to memset by + * accessing memset through volatile pointer. */ + static void *(*volatile memset_ptr)(void *, int, size_t) = (void *)memset; + memset_ptr (ptr, 0, len); +#endif + } +} + + void _gpg_err_set_errno (int err) { diff --git a/src/visibility.c b/src/visibility.c index 0a058d2..5ecef45 100644 --- a/src/visibility.c +++ b/src/visibility.c @@ -817,6 +817,13 @@ gpgrt_free (void *a) _gpgrt_free (a); } +void +gpgrt_wipememory (void *ptr, size_t len) +{ + if (ptr && len) + _gpgrt_wipememory (ptr, len); +} + char * gpgrt_getenv (const char *name) { diff --git a/src/visibility.h b/src/visibility.h index dfdcad1..75aec0d 100644 --- a/src/visibility.h +++ b/src/visibility.h @@ -159,6 +159,7 @@ MARK_VISIBLE (gpgrt_calloc) MARK_VISIBLE (gpgrt_strdup) MARK_VISIBLE (gpgrt_strconcat) MARK_VISIBLE (gpgrt_free) +MARK_VISIBLE (gpgrt_wipememory) MARK_VISIBLE (gpgrt_getenv) MARK_VISIBLE (gpgrt_setenv) MARK_VISIBLE (gpgrt_mkdir) @@ -345,6 +346,7 @@ MARK_VISIBLE (gpgrt_absfnameconcat) #define gpgrt_strdup _gpgrt_USE_UNDERSCORED_FUNCTION #define gpgrt_strconcat _gpgrt_USE_UNDERSCORED_FUNCTION #define gpgrt_free _gpgrt_USE_UNDERSCORED_FUNCTION +#define gpgrt_wipememory _gpgrt_USE_UNDERSCORED_FUNCTION #define gpgrt_getenv _gpgrt_USE_UNDERSCORED_FUNCTION #define gpgrt_setenv _gpgrt_USE_UNDERSCORED_FUNCTION #define gpgrt_mkdir _gpgrt_USE_UNDERSCORED_FUNCTION -- cgit v1.2.3