memzero(): call the weak function after zeroing
A weak function cannot be inlined, but even if it's a little bit far stretched, a compiler could add code taking different paths according to the callee. With a weak function called after the zeroing, we can be sure that the zeroing has to happen.
This commit is contained in:
parent
30e8a2b231
commit
99f8c19a1b
@ -64,15 +64,11 @@ static unsigned char canary[CANARY_SIZE];
|
||||
|
||||
#ifdef HAVE_WEAK_SYMBOLS
|
||||
__attribute__((weak)) void
|
||||
_sodium_memzero_as_a_weak_symbol_to_prevent_lto(void *const pnt,
|
||||
_sodium_dummy_symbol_to_prevent_memzero_lto(void *const pnt,
|
||||
const size_t len)
|
||||
{
|
||||
unsigned char *pnt_ = (unsigned char *) pnt;
|
||||
size_t i = (size_t) 0U;
|
||||
|
||||
while (i < len) {
|
||||
pnt_[i++] = 0U;
|
||||
}
|
||||
(void) pnt;
|
||||
(void) len;
|
||||
}
|
||||
#endif
|
||||
|
||||
@ -88,7 +84,13 @@ sodium_memzero(void *const pnt, const size_t len)
|
||||
#elif defined(HAVE_EXPLICIT_BZERO)
|
||||
explicit_bzero(pnt, len);
|
||||
#elif HAVE_WEAK_SYMBOLS
|
||||
_sodium_memzero_as_a_weak_symbol_to_prevent_lto(pnt, len);
|
||||
unsigned char *pnt_ = (unsigned char *) pnt;
|
||||
size_t i = (size_t) 0U;
|
||||
|
||||
while (i < len) {
|
||||
pnt_[i++] = 0U;
|
||||
}
|
||||
_sodium_dummy_symbol_to_prevent_memzero_lto(pnt, len);
|
||||
#else
|
||||
volatile unsigned char *volatile pnt_ =
|
||||
(volatile unsigned char *volatile) pnt;
|
||||
|
Loading…
Reference in New Issue
Block a user