memzero(): call the weak function after zeroing

A weak function cannot be inlined, but even if it's a little bit
far-fetched, a compiler could add code taking different paths
depending on the callee.

With a weak function called after the zeroing, we can be sure
that the zeroing has to happen.
Frank Denis 2017-07-16 00:48:59 +02:00
parent 30e8a2b231
commit 99f8c19a1b


@ -64,15 +64,11 @@ static unsigned char canary[CANARY_SIZE];
#ifdef HAVE_WEAK_SYMBOLS
__attribute__((weak)) void
_sodium_memzero_as_a_weak_symbol_to_prevent_lto(void *const pnt,
const size_t len)
_sodium_dummy_symbol_to_prevent_memzero_lto(void *const pnt,
const size_t len)
{
unsigned char *pnt_ = (unsigned char *) pnt;
size_t i = (size_t) 0U;
while (i < len) {
pnt_[i++] = 0U;
}
(void) pnt;
(void) len;
}
#endif
@ -88,7 +84,13 @@ sodium_memzero(void *const pnt, const size_t len)
#elif defined(HAVE_EXPLICIT_BZERO)
explicit_bzero(pnt, len);
#elif HAVE_WEAK_SYMBOLS
_sodium_memzero_as_a_weak_symbol_to_prevent_lto(pnt, len);
unsigned char *pnt_ = (unsigned char *) pnt;
size_t i = (size_t) 0U;
while (i < len) {
pnt_[i++] = 0U;
}
_sodium_dummy_symbol_to_prevent_memzero_lto(pnt, len);
#else
volatile unsigned char *volatile pnt_ =
(volatile unsigned char *volatile) pnt;
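Review bot: The zeroing loop in the `HAVE_WEAK_SYMBOLS` branch of `sodium_memzero` now writes through a plain `unsigned char *`, so the only thing keeping those stores from being treated as dead is that the compiler cannot see into `_sodium_dummy_symbol_to_prevent_memzero_lto`. If a toolchain resolves the weak definition at link time and inlines its empty body (plausible with whole-program LTO and no override, though I have not confirmed it for any specific compiler), the loop could be dropped and secrets would remain in memory. Where inline asm is available, consider following the call with a compiler barrier such as `__asm__ __volatile__("" : : "r"(pnt) : "memory");`. The dummy function would also benefit from a comment like `/* Intentionally empty and weak: the call forces the preceding stores to pnt to be emitted; do not make it static or inline. */` so a later cleanup does not remove the guarantee. The body of `sodium_memzero` starts and ends outside this hunk, so the other branches are not reviewed here.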