authorDamien Miller <djm@mindrot.org>2014-08-27 06:32:01 +1000
committerDamien Miller <djm@mindrot.org>2014-08-27 06:32:01 +1000
commit3d673d103bad35afaec6e7ef73e5277216ce33a3 (patch)
tree646afea264f1f91573e590f1ae5818cfb7f7b296
parent146218ac11a1eb0dcade6f793d7acdef163b5ddc (diff)
downloadopenssh-git-3d673d103bad35afaec6e7ef73e5277216ce33a3.tar.gz
- (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero()
using memset_s() where possible; improve fallback to indirect bzero via a volatile pointer to give it more of a chance to avoid being optimised away.
-rw-r--r--ChangeLog4
-rw-r--r--configure.ac5
-rw-r--r--openbsd-compat/explicit_bzero.c26
3 files changed, 30 insertions, 5 deletions
diff --git a/ChangeLog b/ChangeLog
index 378b3881..7ec09bab 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -8,6 +8,10 @@
on !ECC OpenSSL systems
- (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauth
monitor, not preauth; bz#2263
+ - (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero()
+ using memset_s() where possible; improve fallback to indirect bzero
+ via a volatile pointer to give it more of a chance to avoid being
+ optimised away.
20140825
- (djm) [bufec.c] Skip this file on !ECC OpenSSL
diff --git a/configure.ac b/configure.ac
index d5b4377b..67c4486e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.582 2014/08/23 07:06:49 djm Exp $
+# $Id: configure.ac,v 1.583 2014/08/26 20:32:01 djm Exp $
#
# Copyright (c) 1999-2004 Damien Miller
#
@@ -15,7 +15,7 @@
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
AC_INIT([OpenSSH], [Portable], [openssh-unix-dev@mindrot.org])
-AC_REVISION($Revision: 1.582 $)
+AC_REVISION($Revision: 1.583 $)
AC_CONFIG_SRCDIR([ssh.c])
AC_LANG([C])
@@ -1618,6 +1618,7 @@ AC_CHECK_FUNCS([ \
mblen \
md5_crypt \
memmove \
+ memset_s \
mkdtemp \
mmap \
ngetaddrinfo \
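Review bot: Adding `memset_s` to AC_CHECK_FUNCS only proves the symbol links; it does not prove that a prototype is visible where explicit_bzero.c calls it. C11 Annex K exposes the declaration from `<string.h>` only when `__STDC_WANT_LIB_EXT1__` is defined to 1 before the header is included, and whether includes.h does that cannot be seen from this diff. If it does not, HAVE_MEMSET_S may be set on a platform where the call compiles against an implicit declaration. Consider defining the macro ahead of the includes in explicit_bzero.c, or gating on a declaration check such as `AC_CHECK_DECLS([memset_s], , , [#include <string.h>])`.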
diff --git a/openbsd-compat/explicit_bzero.c b/openbsd-compat/explicit_bzero.c
index b106741e..3c85a484 100644
--- a/openbsd-compat/explicit_bzero.c
+++ b/openbsd-compat/explicit_bzero.c
@@ -7,14 +7,34 @@
#include "includes.h"
+/*
+ * explicit_bzero - don't let the compiler optimize away bzero
+ */
+
#ifndef HAVE_EXPLICIT_BZERO
+#ifdef HAVE_MEMSET_S
+
+void
+explicit_bzero(void *p, size_t n)
+{
+ (void)memset_s(p, n, 0, n);
+}
+
+#else /* HAVE_MEMSET_S */
+
/*
- * explicit_bzero - don't let the compiler optimize away bzero
+ * Indirect bzero through a volatile pointer to hopefully avoid
+ * dead-store optimisation eliminating the call.
*/
+static void (* volatile ssh_bzero)(void *, size_t) = bzero;
+
void
explicit_bzero(void *p, size_t n)
{
- bzero(p, n);
+ ssh_bzero(p, n);
}
-#endif
+
+#endif /* HAVE_MEMSET_S */
+
+#endif /* HAVE_EXPLICIT_BZERO */
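Review bot: In the HAVE_MEMSET_S branch the result of memset_s() is cast to void, so if the call fails the caller never learns that the secret was not cleared. C11 Annex K treats a null `p` or an `n` above RSIZE_MAX as a runtime-constraint violation, and the installed constraint handler then runs (it may abort, depending on the implementation). A call such as explicit_bzero(NULL, 0), which was harmless with bzero(), now falls into that case. I would add `if (n == 0) return;` ahead of the memset_s() call, and a short comment saying that other failures are deliberately ignored because the function returns void. The volatile function-pointer fallback is best-effort only, so its comment's "hopefully" should stay.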