Hand-roll zeroing instead of relying on memset()

2016-04-21 17:17:24 +02:00 · 2016-04-21 17:17:24 +02:00 · 2de4b3f514
commit 2de4b3f514
parent 24daccad11
1 changed files with 9 additions and 6 deletions
--- a/src/libsodium/sodium/utils.c
+++ b/src/libsodium/sodium/utils.c
@ -55,10 +55,14 @@ static unsigned char canary[CANARY_SIZE];

 #ifdef HAVE_WEAK_SYMBOLS
 __attribute__ ((weak)) void
-_sodium_dummy_symbol_to_prevent_memzero_lto(void * const pnt, const size_t len)
+_sodium_memzero_as_a_weak_symbol_to_prevent_lto(void * const pnt, const size_t len)
 {
-    (void) pnt;
-    (void) len;
+    unsigned char *pnt_ = (unsigned char *) pnt;;
+    size_t         i = (size_t) 0U;
+
+    while (i < len) {
+        pnt_[i++] = 0U;
+    }
 }
 #endif

@ -68,14 +72,13 @@ sodium_memzero(void * const pnt, const size_t len)
 #ifdef _WIN32
    SecureZeroMemory(pnt, len);
 #elif defined(HAVE_MEMSET_S)
-    if (memset_s(pnt, (rsize_t) len, 0, (rsize_t) len) != 0) {
+    if (len > 0U && memset_s(pnt, (rsize_t) len, 0, (rsize_t) len) != 0) {
        abort(); /* LCOV_EXCL_LINE */
    }
 #elif defined(HAVE_EXPLICIT_BZERO)
    explicit_bzero(pnt, len);
 #elif HAVE_WEAK_SYMBOLS
-    memset(pnt, 0, len);
-    _sodium_dummy_symbol_to_prevent_memzero_lto(pnt, len);
+    _sodium_memzero_as_a_weak_symbol_to_prevent_lto(pnt, len);
 #else
    volatile unsigned char *volatile pnt_ =
        (volatile unsigned char * volatile) pnt;