Make sure that some memory zeroing always happens.

2026-03-06 15:37:00 -05:00 · 2019-01-08 14:46:41 -08:00
parent 48163179eb
commit c376170644
3 changed files with 15 additions and 5 deletions
--- a/authenticate.c
+++ b/authenticate.c
@@ -162,8 +162,8 @@ static const char *check_secret(int module, const char *user, const char *group,

 	fclose(fh);

-	memset(line, 0, sizeof line);
-	memset(pass2, 0, sizeof pass2);
+	force_memzero(line, sizeof line);
+	force_memzero(pass2, sizeof pass2);

 	return err;
 }
@@ -318,8 +318,8 @@ char *auth_server(int f_in, int f_out, int module, const char *host,
 		err = check_secret(module, line, group, challenge, pass);
 	}

-	memset(challenge, 0, sizeof challenge);
-	memset(pass, 0, strlen(pass));
+	force_memzero(challenge, sizeof challenge);
+	force_memzero(pass, strlen(pass));

 	if (auth_uid_groups) {
 		int j;
--- a/fileio.c
+++ b/fileio.c
@@ -322,7 +322,9 @@ int unmap_file(struct map_struct *map)
 		map->p = NULL;
 	}
 	ret = map->status;
-	memset(map, 0, sizeof map[0]);
+#if 0 /* I don't think we really need this. */
+	force_memzero(map, sizeof map[0]);
+#endif
 	free(map);

 	return ret;
--- a/util.c
+++ b/util.c
@@ -1682,3 +1682,11 @@ void *expand_item_list(item_list *lp, size_t item_size,
 	}
 	return (char*)lp->items + (lp->count++ * item_size);
 }
+
+/* This zeroing of memory won't be optimized away by the compiler. */
+void force_memzero(void *buf, size_t len)
+{
+    volatile uchar *z = buf;
+    while (len-- > 0)
+	*z++ = '\0';
+}