From 9270bff168ecc98d1761a32ca28b1f3906b093f2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Sun, 5 Feb 2017 20:05:27 -0500 Subject: treewide: replace homegrown memory_erase with explicit_bzero explicit_bzero was added in glibc 2.25. Make use of it. explicit_bzero is hardcoded to zero the memory, so string erase now truncates the string, instead of overwriting it with 'x'. This causes a visible difference only in the journalctl case. --- src/basic/string-util.c | 11 ++++++----- src/basic/string-util.h | 5 ++++- 2 files changed, 10 insertions(+), 6 deletions(-) (limited to 'src') diff --git a/src/basic/string-util.c b/src/basic/string-util.c index b906b581c..9b060a9a2 100644 --- a/src/basic/string-util.c +++ b/src/basic/string-util.c @@ -825,6 +825,7 @@ int free_and_strdup(char **p, const char *s) { return 1; } +#if !HAVE_DECL_EXPLICIT_BZERO /* * Pointer to memset is volatile so that compiler must de-reference * the pointer and can't assume that it points to any function in @@ -835,19 +836,19 @@ typedef void *(*memset_t)(void *,int,size_t); static volatile memset_t memset_func = memset; -void* memory_erase(void *p, size_t l) { - return memset_func(p, 'x', l); +void explicit_bzero(void *p, size_t l) { + memset_func(p, '\0', l); } +#endif char* string_erase(char *x) { - if (!x) return NULL; /* A delicious drop of snake-oil! To be called on memory where * we stored passphrases or so, after we used them. */ - - return memory_erase(x, strlen(x)); + explicit_bzero(x, strlen(x)); + return x; } char *string_free_erase(char *s) { diff --git a/src/basic/string-util.h b/src/basic/string-util.h index 668b63907..38c7c1009 100644 --- a/src/basic/string-util.h +++ b/src/basic/string-util.h @@ -197,7 +197,10 @@ static inline void *memmem_safe(const void *haystack, size_t haystacklen, const return memmem(haystack, haystacklen, needle, needlelen); } -void* memory_erase(void *p, size_t l); +#if !HAVE_DECL_EXPLICIT_BZERO +void explicit_bzero(void *p, size_t l); +#endif + char *string_erase(char *x); char *string_free_erase(char *s); -- cgit v1.2.3