diff options
| author | Simo Sorce <simo@redhat.com> | 2012-10-20 01:10:20 -0400 |
|---|---|---|
| committer | Simo Sorce <simo@redhat.com> | 2013-01-10 12:24:59 -0500 |
| commit | c63415eabb1dc595c60760fb1df7fa7cfd1d3200 (patch) | |
| tree | e169d1edc152cbbe0a3b25a22fb9e3f46f7bb7b1 | |
| parent | c83e409297711e6012a164cc929c758a3f38e9b9 (diff) | |
| download | sssd-c63415eabb1dc595c60760fb1df7fa7cfd1d3200.tar.gz sssd-c63415eabb1dc595c60760fb1df7fa7cfd1d3200.tar.xz sssd-c63415eabb1dc595c60760fb1df7fa7cfd1d3200.zip | |
Add function to safely wipe memory.
This is useful for wiping passwords, as it prevents the compiler from
optimizing out a memset to zero before a free()
| -rw-r--r-- | src/util/util.c | 9 | ||||
| -rw-r--r-- | src/util/util.h | 9 |
2 files changed, 18 insertions, 0 deletions
diff --git a/src/util/util.c b/src/util/util.c index b035e2319..ba85e0da2 100644 --- a/src/util/util.c +++ b/src/util/util.c @@ -679,3 +679,12 @@ bool string_in_list(const char *string, char **list, bool case_sensitive) return false; } + +void safezero(void *data, size_t size) +{ + volatile uint8_t *p = data; + + while (size--) { + *p++ = 0; + } +} diff --git a/src/util/util.h b/src/util/util.h index e4cb1a865..cc5a2bafb 100644 --- a/src/util/util.h +++ b/src/util/util.h @@ -541,6 +541,15 @@ errno_t add_string_to_list(TALLOC_CTX *mem_ctx, const char *string, bool string_in_list(const char *string, char **list, bool case_sensitive); +/** + * @brief Safely zero a segment of memory, + * prevents the compiler from optimizing out + * + * @param data The address of buffer to wipe + * @param s Size of the buffer + */ +void safezero(void *data, size_t size); + /* from sss_tc_utf8.c */ char * sss_tc_utf8_str_tolower(TALLOC_CTX *mem_ctx, const char *s); |