gnutls_memset: use explicit_bzero

That is, use the glibc function when available and the second parameter is zero. Resolves #230 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2018-08-07 16:27:19 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2018-08-08 16:32:19 +0200
commit: 1f6a8edbc451f9fec0cbbf281673a0ef67c3fbdd (patch)
tree: 9f50ac6c9b68d8677744d3e7b565378927578886 /lib
parent: 3aeb9c1443f74ee1107772608afbc1041d65c958 (diff)
download: gnutls-1f6a8edbc451f9fec0cbbf281673a0ef67c3fbdd.tar.gz
1 files changed, 9 insertions, 8 deletions
diff --git a/lib/safe-memfuncs.c b/lib/safe-memfuncs.c
index e5673e5737..5e413c9486 100644
--- a/lib/safe-memfuncs.c
+++ b/lib/safe-memfuncs.c
@@ -18,11 +18,8 @@
  *
  */
 
-#ifdef TEST_SAFE_MEMSET
-# include <string.h>
-#else
-# include "gnutls_int.h"
-#endif
+#include "gnutls_int.h"
+#include <string.h>
 
 /**
  * gnutls_memset:
@@ -33,14 +30,18 @@
  * This function will operate similarly to memset(), but will
  * not be optimized out by the compiler.
  *
- * Returns: void.
- *
  * Since: 3.4.0
  **/
 void gnutls_memset(void *data, int c, size_t size)
 {
-	volatile unsigned volatile_zero = 0;
+	volatile unsigned volatile_zero;
 	volatile char *vdata = (volatile char*)data;
+#ifdef HAVE_EXPLICIT_BZERO
+	if (c == 0) {
+		explicit_bzero(data, size);
+	}
+#endif
+	volatile_zero = 0;
 
 	/* This is based on a nice trick for safe memset,
 	 * sent by David Jacobson in the openssl-dev mailing list.
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2018-08-07 16:27:19 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2018-08-08 16:32:19 +0200
commit	1f6a8edbc451f9fec0cbbf281673a0ef67c3fbdd (patch)
tree	9f50ac6c9b68d8677744d3e7b565378927578886 /lib
parent	3aeb9c1443f74ee1107772608afbc1041d65c958 (diff)
download	gnutls-1f6a8edbc451f9fec0cbbf281673a0ef67c3fbdd.tar.gz