Fix memset usage in pgcrypto
Started by Marko Kreenabout 12 years ago5 messages
http://www.viva64.com/en/b/0227/ reported that on-stack memset()s
might be optimized away by compilers. Fix it.
* Replace memset() with px_memset()
* Add px_memset to copy_crlf()
* ADd px_memset to pgp-s2k.c
--
marko
Attachments:
pgcrypto-memset.difftext/x-diff; charset=us-asciiDownload
diff --git a/contrib/pgcrypto/crypt-blowfish.c b/contrib/pgcrypto/crypt-blowfish.c
index b49747d..fbaa3d7 100644
--- a/contrib/pgcrypto/crypt-blowfish.c
+++ b/contrib/pgcrypto/crypt-blowfish.c
@@ -35,6 +35,7 @@
#include "postgres.h"
#include "px-crypt.h"
+#include "px.h"
#ifdef __i386__
#define BF_ASM 0 /* 1 */
@@ -616,7 +617,7 @@ _crypt_blowfish_rn(const char *key, const char *setting,
count = (BF_word) 1 << ((setting[4] - '0') * 10 + (setting[5] - '0'));
if (count < 16 || BF_decode(data.binary.salt, &setting[7], 16))
{
- memset(data.binary.salt, 0, sizeof(data.binary.salt));
+ px_memset(data.binary.salt, 0, sizeof(data.binary.salt));
return NULL;
}
BF_swap(data.binary.salt, 4);
@@ -729,7 +730,7 @@ _crypt_blowfish_rn(const char *key, const char *setting,
/* Overwrite the most obvious sensitive data we have on the stack. Note
* that this does not guarantee there's no sensitive data left on the
* stack and/or in registers; I'm not aware of portable code that does. */
- memset(&data, 0, sizeof(data));
+ px_memset(&data, 0, sizeof(data));
return output;
}
diff --git a/contrib/pgcrypto/crypt-md5.c b/contrib/pgcrypto/crypt-md5.c
index 2a5cd70..6a09d76 100644
--- a/contrib/pgcrypto/crypt-md5.c
+++ b/contrib/pgcrypto/crypt-md5.c
@@ -89,7 +89,7 @@ px_crypt_md5(const char *pw, const char *salt, char *passwd, unsigned dstlen)
px_md_update(ctx, final, pl > MD5_SIZE ? MD5_SIZE : pl);
/* Don't leave anything around in vm they could use. */
- memset(final, 0, sizeof final);
+ px_memset(final, 0, sizeof final);
/* Then something really weird... */
for (i = strlen(pw); i; i >>= 1)
@@ -154,7 +154,7 @@ px_crypt_md5(const char *pw, const char *salt, char *passwd, unsigned dstlen)
*p = '\0';
/* Don't leave anything around in vm they could use. */
- memset(final, 0, sizeof final);
+ px_memset(final, 0, sizeof final);
px_md_free(ctx1);
px_md_free(ctx);
diff --git a/contrib/pgcrypto/fortuna.c b/contrib/pgcrypto/fortuna.c
index 1228fb4..47380a8 100644
--- a/contrib/pgcrypto/fortuna.c
+++ b/contrib/pgcrypto/fortuna.c
@@ -34,6 +34,7 @@
#include <sys/time.h>
#include <time.h>
+#include "px.h"
#include "rijndael.h"
#include "sha2.h"
#include "fortuna.h"
@@ -169,7 +170,7 @@ md_result(MD_CTX * ctx, uint8 *dst)
memcpy(&tmp, ctx, sizeof(*ctx));
SHA256_Final(dst, &tmp);
- memset(&tmp, 0, sizeof(tmp));
+ px_memset(&tmp, 0, sizeof(tmp));
}
/*
@@ -243,7 +244,7 @@ enough_time_passed(FState *st)
if (ok)
memcpy(last, &tv, sizeof(tv));
- memset(&tv, 0, sizeof(tv));
+ px_memset(&tv, 0, sizeof(tv));
return ok;
}
@@ -290,8 +291,8 @@ reseed(FState *st)
/* use new key */
ciph_init(&st->ciph, st->key, BLOCK);
- memset(&key_md, 0, sizeof(key_md));
- memset(buf, 0, BLOCK);
+ px_memset(&key_md, 0, sizeof(key_md));
+ px_memset(buf, 0, BLOCK);
}
/*
@@ -341,8 +342,8 @@ add_entropy(FState *st, const uint8 *data, unsigned len)
if (pos == 0)
st->pool0_bytes += len;
- memset(hash, 0, BLOCK);
- memset(&md, 0, sizeof(md));
+ px_memset(hash, 0, BLOCK);
+ px_memset(&md, 0, sizeof(md));
}
/*
@@ -378,7 +379,7 @@ startup_tricks(FState *st)
encrypt_counter(st, buf + CIPH_BLOCK);
md_update(&st->pool[i], buf, BLOCK);
}
- memset(buf, 0, BLOCK);
+ px_memset(buf, 0, BLOCK);
/* Hide the key. */
rekey(st);
diff --git a/contrib/pgcrypto/internal-sha2.c b/contrib/pgcrypto/internal-sha2.c
index f86b478..912effb 100644
--- a/contrib/pgcrypto/internal-sha2.c
+++ b/contrib/pgcrypto/internal-sha2.c
@@ -84,7 +84,7 @@ int_sha224_free(PX_MD *h)
{
SHA224_CTX *ctx = (SHA224_CTX *) h->p.ptr;
- memset(ctx, 0, sizeof(*ctx));
+ px_memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
@@ -132,7 +132,7 @@ int_sha256_free(PX_MD *h)
{
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
- memset(ctx, 0, sizeof(*ctx));
+ px_memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
@@ -180,7 +180,7 @@ int_sha384_free(PX_MD *h)
{
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
- memset(ctx, 0, sizeof(*ctx));
+ px_memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
@@ -228,7 +228,7 @@ int_sha512_free(PX_MD *h)
{
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
- memset(ctx, 0, sizeof(*ctx));
+ px_memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
diff --git a/contrib/pgcrypto/internal.c b/contrib/pgcrypto/internal.c
index a02c943..7b33e49 100644
--- a/contrib/pgcrypto/internal.c
+++ b/contrib/pgcrypto/internal.c
@@ -142,7 +142,7 @@ int_md5_free(PX_MD *h)
{
MD5_CTX *ctx = (MD5_CTX *) h->p.ptr;
- memset(ctx, 0, sizeof(*ctx));
+ px_memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
@@ -190,7 +190,7 @@ int_sha1_free(PX_MD *h)
{
SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
- memset(ctx, 0, sizeof(*ctx));
+ px_memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
@@ -265,7 +265,7 @@ intctx_free(PX_Cipher *c)
if (cx)
{
- memset(cx, 0, sizeof *cx);
+ px_memset(cx, 0, sizeof *cx);
px_free(cx);
}
px_free(c);
@@ -658,7 +658,7 @@ system_reseed(void)
skip = buf[0] >= SYSTEM_RESEED_CHANCE;
}
/* clear 1 byte */
- memset(buf, 0, sizeof(buf));
+ px_memset(buf, 0, sizeof(buf));
if (skip)
return;
@@ -668,7 +668,7 @@ system_reseed(void)
fortuna_add_entropy(buf, n);
seed_time = t;
- memset(buf, 0, sizeof(buf));
+ px_memset(buf, 0, sizeof(buf));
}
int
diff --git a/contrib/pgcrypto/mbuf.c b/contrib/pgcrypto/mbuf.c
index a2c5293..f3a0e01 100644
--- a/contrib/pgcrypto/mbuf.c
+++ b/contrib/pgcrypto/mbuf.c
@@ -69,7 +69,7 @@ mbuf_free(MBuf *mbuf)
{
if (mbuf->own_data)
{
- memset(mbuf->data, 0, mbuf->buf_end - mbuf->data);
+ px_memset(mbuf->data, 0, mbuf->buf_end - mbuf->data);
px_free(mbuf->data);
}
px_free(mbuf);
@@ -249,11 +249,11 @@ pullf_free(PullFilter *pf)
if (pf->buf)
{
- memset(pf->buf, 0, pf->buflen);
+ px_memset(pf->buf, 0, pf->buflen);
px_free(pf->buf);
}
- memset(pf, 0, sizeof(*pf));
+ px_memset(pf, 0, sizeof(*pf));
px_free(pf);
}
@@ -298,7 +298,7 @@ pullf_read_max(PullFilter *pf, int len, uint8 **data_p, uint8 *tmpbuf)
if (res < 0)
{
/* so the caller must clear only on success */
- memset(tmpbuf, 0, total);
+ px_memset(tmpbuf, 0, total);
return res;
}
if (res == 0)
@@ -415,11 +415,11 @@ pushf_free(PushFilter *mp)
if (mp->buf)
{
- memset(mp->buf, 0, mp->block_size);
+ px_memset(mp->buf, 0, mp->block_size);
px_free(mp->buf);
}
- memset(mp, 0, sizeof(*mp));
+ px_memset(mp, 0, sizeof(*mp));
px_free(mp);
}
diff --git a/contrib/pgcrypto/openssl.c b/contrib/pgcrypto/openssl.c
index ad7fb9e..e6c7251 100644
--- a/contrib/pgcrypto/openssl.c
+++ b/contrib/pgcrypto/openssl.c
@@ -142,7 +142,7 @@ EVP_MD_CTX_init(EVP_MD_CTX *ctx)
static int
EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
{
- memset(ctx, 0, sizeof(*ctx));
+ px_memset(ctx, 0, sizeof(*ctx));
return 1;
}
@@ -381,7 +381,7 @@ gen_ossl_free(PX_Cipher *c)
{
ossldata *od = (ossldata *) c->ptr;
- memset(od, 0, sizeof(*od));
+ px_memset(od, 0, sizeof(*od));
px_free(od);
px_free(c);
}
diff --git a/contrib/pgcrypto/pgp-cfb.c b/contrib/pgcrypto/pgp-cfb.c
index 7cf9bf0..d9939ee 100644
--- a/contrib/pgcrypto/pgp-cfb.c
+++ b/contrib/pgcrypto/pgp-cfb.c
@@ -85,7 +85,7 @@ void
pgp_cfb_free(PGP_CFB *ctx)
{
px_cipher_free(ctx->ciph);
- memset(ctx, 0, sizeof(*ctx));
+ px_memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
}
diff --git a/contrib/pgcrypto/pgp-compress.c b/contrib/pgcrypto/pgp-compress.c
index c592453..7834660 100644
--- a/contrib/pgcrypto/pgp-compress.c
+++ b/contrib/pgcrypto/pgp-compress.c
@@ -175,7 +175,7 @@ compress_free(void *priv)
struct ZipStat *st = priv;
deflateEnd(&st->stream);
- memset(st, 0, sizeof(*st));
+ px_memset(st, 0, sizeof(*st));
px_free(st);
}
@@ -298,7 +298,7 @@ decompress_free(void *priv)
struct DecomprData *dec = priv;
inflateEnd(&dec->stream);
- memset(dec, 0, sizeof(*dec));
+ px_memset(dec, 0, sizeof(*dec));
px_free(dec);
}
diff --git a/contrib/pgcrypto/pgp-decrypt.c b/contrib/pgcrypto/pgp-decrypt.c
index c9aa6cd..2063e8c 100644
--- a/contrib/pgcrypto/pgp-decrypt.c
+++ b/contrib/pgcrypto/pgp-decrypt.c
@@ -210,7 +210,7 @@ pktreader_free(void *priv)
{
struct PktData *pkt = priv;
- memset(pkt, 0, sizeof(*pkt));
+ px_memset(pkt, 0, sizeof(*pkt));
px_free(pkt);
}
@@ -257,7 +257,7 @@ prefix_init(void **priv_p, void *arg, PullFilter *src)
if (res != len + 2)
{
px_debug("prefix_init: short read");
- memset(tmpbuf, 0, sizeof(tmpbuf));
+ px_memset(tmpbuf, 0, sizeof(tmpbuf));
return PXE_PGP_CORRUPT_DATA;
}
@@ -280,7 +280,7 @@ prefix_init(void **priv_p, void *arg, PullFilter *src)
*/
ctx->corrupt_prefix = 1;
}
- memset(tmpbuf, 0, sizeof(tmpbuf));
+ px_memset(tmpbuf, 0, sizeof(tmpbuf));
return 0;
}
@@ -395,8 +395,8 @@ mdc_finish(PGP_Context *ctx, PullFilter *src,
*/
px_md_finish(ctx->mdc_ctx, hash);
res = memcmp(hash, *data_p, 20);
- memset(hash, 0, 20);
- memset(tmpbuf, 0, sizeof(tmpbuf));
+ px_memset(hash, 0, 20);
+ px_memset(tmpbuf, 0, sizeof(tmpbuf));
if (res != 0)
{
px_debug("mdc_finish: mdc failed");
@@ -493,7 +493,7 @@ mdcbuf_finish(struct MDCBufData * st)
px_md_update(st->ctx->mdc_ctx, st->mdc_buf, 2);
px_md_finish(st->ctx->mdc_ctx, hash);
res = memcmp(hash, st->mdc_buf + 2, 20);
- memset(hash, 0, 20);
+ px_memset(hash, 0, 20);
if (res)
{
px_debug("mdcbuf_finish: MDC does not match");
@@ -593,7 +593,7 @@ mdcbuf_free(void *priv)
px_md_free(st->ctx->mdc_ctx);
st->ctx->mdc_ctx = NULL;
- memset(st, 0, sizeof(*st));
+ px_memset(st, 0, sizeof(*st));
px_free(st);
}
@@ -703,7 +703,7 @@ parse_symenc_sesskey(PGP_Context *ctx, PullFilter *src)
res = decrypt_key(ctx, p, res);
}
- memset(tmpbuf, 0, sizeof(tmpbuf));
+ px_memset(tmpbuf, 0, sizeof(tmpbuf));
return res;
}
@@ -753,6 +753,7 @@ copy_crlf(MBuf *dst, uint8 *data, int len, int *got_cr)
if (res < 0)
return res;
}
+ px_memset(tmpbuf, 0, sizeof(tmpbuf));
return 0;
}
@@ -792,7 +793,7 @@ parse_literal_data(PGP_Context *ctx, MBuf *dst, PullFilter *pkt)
px_debug("parse_literal_data: unexpected eof");
return PXE_PGP_CORRUPT_DATA;
}
- memset(tmpbuf, 0, 4);
+ px_memset(tmpbuf, 0, 4);
/* check if text */
if (ctx->text_mode)
diff --git a/contrib/pgcrypto/pgp-encrypt.c b/contrib/pgcrypto/pgp-encrypt.c
index 3b9b5d2..48eb3f4 100644
--- a/contrib/pgcrypto/pgp-encrypt.c
+++ b/contrib/pgcrypto/pgp-encrypt.c
@@ -128,7 +128,7 @@ mdc_flush(PushFilter *dst, void *priv)
px_md_finish(md, pkt + 2);
res = pushf_write(dst, pkt, 2 + MDC_DIGEST_LEN);
- memset(pkt, 0, 2 + MDC_DIGEST_LEN);
+ px_memset(pkt, 0, 2 + MDC_DIGEST_LEN);
return res;
}
@@ -217,7 +217,7 @@ encrypt_free(void *priv)
{
struct EncStat *st = priv;
- memset(st, 0, sizeof(*st));
+ px_memset(st, 0, sizeof(*st));
px_free(st);
}
@@ -299,7 +299,7 @@ pkt_stream_free(void *priv)
{
struct PktStreamStat *st = priv;
- memset(st, 0, sizeof(*st));
+ px_memset(st, 0, sizeof(*st));
px_free(st);
}
@@ -490,7 +490,7 @@ write_prefix(PGP_Context *ctx, PushFilter *dst)
prefix[bs + 1] = prefix[bs - 1];
res = pushf_write(dst, prefix, bs + 2);
- memset(prefix, 0, bs + 2);
+ px_memset(prefix, 0, bs + 2);
return res < 0 ? res : 0;
}
@@ -552,7 +552,7 @@ write_symenc_sesskey(PGP_Context *ctx, PushFilter *dst)
if (res >= 0)
res = pushf_write(dst, pkt, pktlen);
- memset(pkt, 0, pktlen);
+ px_memset(pkt, 0, pktlen);
return res;
}
diff --git a/contrib/pgcrypto/pgp-mpi.c b/contrib/pgcrypto/pgp-mpi.c
index c8765b6..0daca3c 100644
--- a/contrib/pgcrypto/pgp-mpi.c
+++ b/contrib/pgcrypto/pgp-mpi.c
@@ -72,7 +72,7 @@ pgp_mpi_free(PGP_MPI *mpi)
{
if (mpi == NULL)
return 0;
- memset(mpi, 0, sizeof(*mpi) + mpi->bytes);
+ px_memset(mpi, 0, sizeof(*mpi) + mpi->bytes);
px_free(mpi);
return 0;
}
diff --git a/contrib/pgcrypto/pgp-pgsql.c b/contrib/pgcrypto/pgp-pgsql.c
index d4eec03..828f64a 100644
--- a/contrib/pgcrypto/pgp-pgsql.c
+++ b/contrib/pgcrypto/pgp-pgsql.c
@@ -87,7 +87,7 @@ add_block_entropy(PX_MD *md, text *data)
px_add_entropy(sha1, 20);
- memset(sha1, 0, 20);
+ px_memset(sha1, 0, 20);
}
/*
@@ -129,7 +129,7 @@ add_entropy(text *data1, text *data2, text *data3)
add_block_entropy(md, data3);
px_md_free(md);
- memset(rnd, 0, sizeof(rnd));
+ px_memset(rnd, 0, sizeof(rnd));
}
/*
@@ -167,7 +167,7 @@ convert_to_utf8(text *src)
static void
clear_and_pfree(text *p)
{
- memset(p, 0, VARSIZE(p));
+ px_memset(p, 0, VARSIZE(p));
pfree(p);
}
diff --git a/contrib/pgcrypto/pgp-pubenc.c b/contrib/pgcrypto/pgp-pubenc.c
index 943d2e4..0d1be7d 100644
--- a/contrib/pgcrypto/pgp-pubenc.c
+++ b/contrib/pgcrypto/pgp-pubenc.c
@@ -73,7 +73,7 @@ pad_eme_pkcs1_v15(uint8 *data, int data_len, int res_len, uint8 **res_p)
if (res < 0)
{
- memset(buf, 0, res_len);
+ px_memset(buf, 0, res_len);
px_free(buf);
return res;
}
@@ -123,10 +123,10 @@ create_secmsg(PGP_Context *ctx, PGP_MPI **msg_p, int full_bytes)
if (padded)
{
- memset(padded, 0, full_bytes);
+ px_memset(padded, 0, full_bytes);
px_free(padded);
}
- memset(secmsg, 0, klen + 3);
+ px_memset(secmsg, 0, klen + 3);
px_free(secmsg);
if (res >= 0)
diff --git a/contrib/pgcrypto/pgp-pubkey.c b/contrib/pgcrypto/pgp-pubkey.c
index 9651d5e..abab058 100644
--- a/contrib/pgcrypto/pgp-pubkey.c
+++ b/contrib/pgcrypto/pgp-pubkey.c
@@ -77,7 +77,7 @@ pgp_key_free(PGP_PubKey *pk)
pgp_mpi_free(pk->sec.dsa.x);
break;
}
- memset(pk, 0, sizeof(*pk));
+ px_memset(pk, 0, sizeof(*pk));
px_free(pk);
}
@@ -150,7 +150,7 @@ calc_key_id(PGP_PubKey *pk)
px_md_free(md);
memcpy(pk->key_id, hash + 12, 8);
- memset(hash, 0, 20);
+ px_memset(hash, 0, 20);
return 0;
}
@@ -291,8 +291,8 @@ check_key_sha1(PullFilter *src, PGP_PubKey *pk)
res = PXE_PGP_KEYPKT_CORRUPT;
}
err:
- memset(got_sha1, 0, 20);
- memset(my_sha1, 0, 20);
+ px_memset(got_sha1, 0, 20);
+ px_memset(my_sha1, 0, 20);
return res;
}
diff --git a/contrib/pgcrypto/pgp-s2k.c b/contrib/pgcrypto/pgp-s2k.c
index 349234e..40c05a1 100644
--- a/contrib/pgcrypto/pgp-s2k.c
+++ b/contrib/pgcrypto/pgp-s2k.c
@@ -75,6 +75,7 @@ calc_s2k_simple(PGP_S2K *s2k, PX_MD *md, const uint8 *key,
remain = 0;
}
}
+ px_memset(buf, 0, sizeof(buf));
return 0;
}
@@ -118,6 +119,7 @@ calc_s2k_salted(PGP_S2K *s2k, PX_MD *md, const uint8 *key, unsigned key_len)
remain = 0;
}
}
+ px_memset(buf, 0, sizeof(buf));
return 0;
}
@@ -189,6 +191,7 @@ calc_s2k_iter_salted(PGP_S2K *s2k, PX_MD *md, const uint8 *key,
remain = 0;
}
}
+ px_memset(buf, 0, sizeof(buf));
return 0;
}
diff --git a/contrib/pgcrypto/pgp.c b/contrib/pgcrypto/pgp.c
index b8a6bc4..a17ca93 100644
--- a/contrib/pgcrypto/pgp.c
+++ b/contrib/pgcrypto/pgp.c
@@ -225,7 +225,7 @@ pgp_free(PGP_Context *ctx)
{
if (ctx->pub_key)
pgp_key_free(ctx->pub_key);
- memset(ctx, 0, sizeof *ctx);
+ px_memset(ctx, 0, sizeof *ctx);
px_free(ctx);
return 0;
}
diff --git a/contrib/pgcrypto/px-crypt.c b/contrib/pgcrypto/px-crypt.c
index 63ec038..523efc8 100644
--- a/contrib/pgcrypto/px-crypt.c
+++ b/contrib/pgcrypto/px-crypt.c
@@ -158,7 +158,7 @@ px_gen_salt(const char *salt_type, char *buf, int rounds)
return res;
p = g->gen(rounds, rbuf, g->input_len, buf, PX_MAX_SALT_LEN);
- memset(rbuf, 0, sizeof(rbuf));
+ px_memset(rbuf, 0, sizeof(rbuf));
if (p == NULL)
return PXE_BAD_SALT_ROUNDS;
diff --git a/contrib/pgcrypto/px-hmac.c b/contrib/pgcrypto/px-hmac.c
index 36efabd..8db7923 100644
--- a/contrib/pgcrypto/px-hmac.c
+++ b/contrib/pgcrypto/px-hmac.c
@@ -75,7 +75,7 @@ hmac_init(PX_HMAC *h, const uint8 *key, unsigned klen)
h->p.opad[i] = keybuf[i] ^ HMAC_OPAD;
}
- memset(keybuf, 0, bs);
+ px_memset(keybuf, 0, bs);
px_free(keybuf);
px_md_update(md, h->p.ipad, bs);
@@ -117,7 +117,7 @@ hmac_finish(PX_HMAC *h, uint8 *dst)
px_md_update(md, buf, hlen);
px_md_finish(md, dst);
- memset(buf, 0, hlen);
+ px_memset(buf, 0, hlen);
px_free(buf);
}
@@ -129,8 +129,8 @@ hmac_free(PX_HMAC *h)
bs = px_md_block_size(h->md);
px_md_free(h->md);
- memset(h->p.ipad, 0, bs);
- memset(h->p.opad, 0, bs);
+ px_memset(h->p.ipad, 0, bs);
+ px_memset(h->p.opad, 0, bs);
px_free(h->p.ipad);
px_free(h->p.opad);
px_free(h);
diff --git a/contrib/pgcrypto/px.c b/contrib/pgcrypto/px.c
index f23d4de..4b2a120 100644
--- a/contrib/pgcrypto/px.c
+++ b/contrib/pgcrypto/px.c
@@ -104,6 +104,12 @@ px_strerror(int err)
return "Bad error code";
}
+/* memset that must not be optimized away */
+void
+px_memset(void *ptr, int c, size_t len)
+{
+ memset(ptr, c, len);
+}
const char *
px_resolve_alias(const PX_Alias *list, const char *name)
@@ -327,7 +333,7 @@ combo_free(PX_Combo *cx)
{
if (cx->cipher)
px_cipher_free(cx->cipher);
- memset(cx, 0, sizeof(*cx));
+ px_memset(cx, 0, sizeof(*cx));
px_free(cx);
}
diff --git a/contrib/pgcrypto/px.h b/contrib/pgcrypto/px.h
index 80e8624..e09dee4 100644
--- a/contrib/pgcrypto/px.h
+++ b/contrib/pgcrypto/px.h
@@ -203,6 +203,8 @@ const char *px_resolve_alias(const PX_Alias *aliases, const char *name);
void px_set_debug_handler(void (*handler) (const char *));
+void px_memset(void *ptr, int c, size_t len);
+
#ifdef PX_DEBUG
void
px_debug(const char *fmt,...)
diff --git a/contrib/pgcrypto/sha2.c b/contrib/pgcrypto/sha2.c
index 5de94b2..bde1f61 100644
--- a/contrib/pgcrypto/sha2.c
+++ b/contrib/pgcrypto/sha2.c
@@ -40,6 +40,7 @@
#include <sys/param.h>
+#include "px.h"
#include "sha2.h"
/*
@@ -570,7 +571,7 @@ SHA256_Final(uint8 digest[], SHA256_CTX *context)
}
/* Clean up state data: */
- memset(context, 0, sizeof(*context));
+ px_memset(context, 0, sizeof(*context));
}
@@ -899,7 +900,7 @@ SHA512_Final(uint8 digest[], SHA512_CTX *context)
}
/* Zero out state data */
- memset(context, 0, sizeof(*context));
+ px_memset(context, 0, sizeof(*context));
}
@@ -944,7 +945,7 @@ SHA384_Final(uint8 digest[], SHA384_CTX *context)
}
/* Zero out state data */
- memset(context, 0, sizeof(*context));
+ px_memset(context, 0, sizeof(*context));
}
/*** SHA-224: *********************************************************/
@@ -987,5 +988,5 @@ SHA224_Final(uint8 digest[], SHA224_CTX *context)
}
/* Clean up state data: */
- memset(context, 0, sizeof(*context));
+ px_memset(context, 0, sizeof(*context));
}
Re: Fix memset usage in pgcrypto
Marko Kreen escribi�:
http://www.viva64.com/en/b/0227/ reported that on-stack memset()s
might be optimized away by compilers. Fix it.
Just to clarify, this needs to be applied to all branches, right? If
so, does the version submitted apply cleanly to all of them?
--
�lvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
Re: Fix memset usage in pgcrypto
On Mon, Jan 20, 2014 at 06:49:21PM -0300, Alvaro Herrera wrote:
Marko Kreen escribió:
http://www.viva64.com/en/b/0227/ reported that on-stack memset()s
might be optimized away by compilers. Fix it.Just to clarify, this needs to be applied to all branches, right? If
so, does the version submitted apply cleanly to all of them?
It does apply cleanly. It is not critical fix, but it's simple,
so I think it should be back-patched.
--
marko
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
Re: Fix memset usage in pgcrypto
On Thu, Dec 26, 2013 at 03:42:12PM +0200, Marko Kreen wrote:
http://www.viva64.com/en/b/0227/ reported that on-stack memset()s
might be optimized away by compilers. Fix it.* Replace memset() with px_memset()
* Add px_memset to copy_crlf()
* ADd px_memset to pgp-s2k.c
Where are we on this patch? Seems it needs backpatching too.
--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ Everyone has their own god. +
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
Re: Fix memset usage in pgcrypto
On Mon, Mar 31, 2014 at 09:03:41PM -0400, Bruce Momjian wrote:
On Thu, Dec 26, 2013 at 03:42:12PM +0200, Marko Kreen wrote:
http://www.viva64.com/en/b/0227/ reported that on-stack memset()s
might be optimized away by compilers. Fix it.* Replace memset() with px_memset()
* Add px_memset to copy_crlf()
* ADd px_memset to pgp-s2k.cWhere are we on this patch? Seems it needs backpatching too.
Patch backpatched through 8.4. Thanks.
--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ Everyone has their own god. +
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers