summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSimo Sorce <simo@redhat.com>2012-10-20 01:10:20 -0400
committerSimo Sorce <simo@redhat.com>2013-01-10 12:24:59 -0500
commitc63415eabb1dc595c60760fb1df7fa7cfd1d3200 (patch)
treee169d1edc152cbbe0a3b25a22fb9e3f46f7bb7b1
parentc83e409297711e6012a164cc929c758a3f38e9b9 (diff)
downloadsssd-c63415eabb1dc595c60760fb1df7fa7cfd1d3200.tar.gz
sssd-c63415eabb1dc595c60760fb1df7fa7cfd1d3200.tar.xz
sssd-c63415eabb1dc595c60760fb1df7fa7cfd1d3200.zip
Add function to safely wipe memory.
This is useful for wiping passwords, as it prevents the compiler from optimizing out a memset to zero before a free()
-rw-r--r--src/util/util.c9
-rw-r--r--src/util/util.h9
2 files changed, 18 insertions, 0 deletions
diff --git a/src/util/util.c b/src/util/util.c
index b035e2319..ba85e0da2 100644
--- a/src/util/util.c
+++ b/src/util/util.c
@@ -679,3 +679,12 @@ bool string_in_list(const char *string, char **list, bool case_sensitive)
return false;
}
+
+void safezero(void *data, size_t size)
+{
+ volatile uint8_t *p = data;
+
+ while (size--) {
+ *p++ = 0;
+ }
+}
diff --git a/src/util/util.h b/src/util/util.h
index e4cb1a865..cc5a2bafb 100644
--- a/src/util/util.h
+++ b/src/util/util.h
@@ -541,6 +541,15 @@ errno_t add_string_to_list(TALLOC_CTX *mem_ctx, const char *string,
bool string_in_list(const char *string, char **list, bool case_sensitive);
+/**
+ * @brief Safely zero a segment of memory,
+ * prevents the compiler from optimizing out
+ *
+ * @param data The address of buffer to wipe
+ * @param s Size of the buffer
+ */
+void safezero(void *data, size_t size);
+
/* from sss_tc_utf8.c */
char *
sss_tc_utf8_str_tolower(TALLOC_CTX *mem_ctx, const char *s);