- (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero()
   using memset_s() where possible; improve fallback to indirect bzero
   via a volatile pointer to give it more of a chance to avoid being
   optimised away.
diff --git a/ChangeLog b/ChangeLog
index 378b388..7ec09ba 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -8,6 +8,10 @@
    on !ECC OpenSSL systems
  - (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauth
    monitor, not preauth; bz#2263
+ - (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero()
+   using memset_s() where possible; improve fallback to indirect bzero
+   via a volatile pointer to give it more of a chance to avoid being
+   optimised away.
 
 20140825
  - (djm) [bufec.c] Skip this file on !ECC OpenSSL
diff --git a/configure.ac b/configure.ac
index d5b4377..67c4486 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.582 2014/08/23 07:06:49 djm Exp $
+# $Id: configure.ac,v 1.583 2014/08/26 20:32:01 djm Exp $
 #
 # Copyright (c) 1999-2004 Damien Miller
 #
@@ -15,7 +15,7 @@
 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
 AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org])
-AC_REVISION($Revision: 1.582 $)
+AC_REVISION($Revision: 1.583 $)
 AC_CONFIG_SRCDIR([ssh.c])
 AC_LANG([C])
 
@@ -1618,6 +1618,7 @@
 	mblen \
 	md5_crypt \
 	memmove \
+	memset_s \
 	mkdtemp \
 	mmap \
 	ngetaddrinfo \
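Review bot: Adding `memset_s` to this function-check list only proves that the symbol links; it does not show that a prototype is visible where explicit_bzero.c calls it. C11 Annex K declares memset_s in <string.h> only when `__STDC_WANT_LIB_EXT1__` is defined before the header is included, and this diff does not show whether includes.h arranges that. If it does not, the zeroing call would compile against an implicit declaration on such platforms, so consider defining the macro ahead of `#include "includes.h"` in explicit_bzero.c, or testing the declaration as well (for example with `AC_CHECK_DECLS`). The enclosing check list starts and ends outside this hunk.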
diff --git a/openbsd-compat/explicit_bzero.c b/openbsd-compat/explicit_bzero.c
index b106741..3c85a48 100644
--- a/openbsd-compat/explicit_bzero.c
+++ b/openbsd-compat/explicit_bzero.c
@@ -7,14 +7,34 @@
 
 #include "includes.h"
 
-#ifndef HAVE_EXPLICIT_BZERO
-
 /*
  * explicit_bzero - don't let the compiler optimize away bzero
  */
+
+#ifndef HAVE_EXPLICIT_BZERO
+
+#ifdef HAVE_MEMSET_S
+
 void
 explicit_bzero(void *p, size_t n)
 {
-	bzero(p, n);
+	(void)memset_s(p, n, 0, n);
 }
-#endif
+
+#else /* HAVE_MEMSET_S */
+
+/*
+ * Indirect bzero through a volatile pointer to hopefully avoid
+ * dead-store optimisation eliminating the call.
+ */
+static void (* volatile ssh_bzero)(void *, size_t) = bzero;
+
+void
+explicit_bzero(void *p, size_t n)
+{
+	ssh_bzero(p, n);
+}
+
+#endif /* HAVE_MEMSET_S */
+
+#endif /* HAVE_EXPLICIT_BZERO */
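Review bot: In the HAVE_MEMSET_S branch, `(void)memset_s(p, n, 0, n);` is stricter than the bzero() it replaces, and the discarded return value hides any failure. Under C11 Annex K a NULL `p` (even with `n == 0`) or an `n` above RSIZE_MAX is a runtime-constraint violation, which invokes the implementation's constraint handler; in the oversized case nothing is cleared. Whether any caller passes a NULL pointer with zero length is not visible here, but a guard such as `if (n == 0) return;` before the call would keep the old zero-length behaviour on both branches. It would also help to extend the header comment to say that the wipe is best effort: a memset_s failure is ignored, and the volatile function pointer fallback is a heuristic rather than a guarantee against dead-store elimination.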