This is useful for wiping passwords, as it prevents the compiler from optimizing out a memset to zero before a free() --- src/util/util.c | 9 +++++++++ src/util/util.h | 9 +++++++++ 2 files changed, 18 insertions(+), 0 deletions(-)
diff --git a/src/util/util.c b/src/util/util.c index ab980775a1e4c87b16d32220bccda6cb644e0756..f268fbcd564cd93a2e63097c595cf19b65eb6800 100644 --- a/src/util/util.c +++ b/src/util/util.c @@ -700,3 +700,12 @@ bool string_in_list(const char *string, char **list, bool case_sensitive) return false; } + +void safezero(void *data, size_t size) +{ + volatile uint8_t *p = data; + + while (size--) { + *p++ = 0; + } +} diff --git a/src/util/util.h b/src/util/util.h index c15ca668392105447d073c40666953a0145d375a..1c5f3fc52292e251bf7b8ad4d5b03a9d8a0a3243 100644 --- a/src/util/util.h +++ b/src/util/util.h @@ -540,6 +540,15 @@ errno_t add_string_to_list(TALLOC_CTX *mem_ctx, const char *string, bool string_in_list(const char *string, char **list, bool case_sensitive); +/** + * @brief Safely zero a segment of memory, + * prevents the compiler from optimizing out + * + * @param data The address of buffer to wipe + * @param s Size of the buffer + */ +void safezero(void *data, size_t size); + /* from sss_tc_utf8.c */ char * sss_tc_utf8_str_tolower(TALLOC_CTX *mem_ctx, const char *s); -- 1.7.1 _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel