author: Greg Hudson <ghudson@mit.edu> 2016-10-31 11:48:54 -0400
committer: Greg Hudson <ghudson@mit.edu> 2016-11-09 00:14:23 -0500
commit: c163275f899b201dc2807b3ff2949d5e2ee7d838
tree: 59806c3ad5cf97d7c5f4ee1c05f694bea03736dc /src/util
parent: 081ee2f7d98b939bf7b4866845d4243b5ca3992c
Make zap() more reliable

The gcc assembly version of zap() could still be optimized out under gcc 5.1 or later, and the krb5int_zap() function could be optimized out with link-time optimization. Based on work by Zhaomo Yang and Brian Johannesmeyer, use the C11 memset_s() when available, then fall back to a memory barrier with gcc or clang, and finally fall back to using krb5int_zap(). Modify krb5int_zap() to use a volatile pointer in case link-time optimization is used.

ticket: 8514 (new)
target_version: 1.15-next
target_version: 1.14-next
tags: pullup

Diffstat (limited to 'src/util')
-rw-r--r-- src/util/support/zap.c 5
1 files changed, 4 insertions, 1 deletions
diff --git a/src/util/support/zap.c b/src/util/support/zap.c
index 48512a9..ed31630 100644
--- a/src/util/support/zap.c
+++ b/src/util/support/zap.c
@@ -34,5 +34,8 @@
void krb5int_zap(void *ptr, size_t len)
{
- memset(ptr, 0, len);
+ volatile char *p = ptr;
+
+ while (len--)
+ *p++ = '\0';
}
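
Review bot: the byte loop that replaces `memset(ptr, 0, len);` in krb5int_zap() carries no comment explaining why it is written this way, so a later cleanup could fold it back into a memset() call and bring back the dead-store elimination the commit message describes. Suggest a short comment above `volatile char *p = ptr;` stating that the volatile-qualified stores are deliberate and must stay so the compiler and link-time optimization cannot drop them. This view is limited to src/util, so the memset_s() and memory-barrier paths named in the commit message are not visible here and should be reviewed alongside this fallback.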