http://www.viva64.com/en/b/0227/ reported that on-stack memset()s
might be optimized away by compilers. Fix it.
* Replace memset() with px_memset()
* Add px_memset to copy_crlf()
* ADd px_memset to pgp-s2k.c
--
marko
diff --git a/contrib/pgcrypto/crypt-blowfish.c b/contrib/pgcrypto/crypt-blowfish.c
index b49747d..fbaa3d7 100644
--- a/contrib/pgcrypto/crypt-blowfish.c
+++ b/contrib/pgcrypto/crypt-blowfish.c
@@ -35,6 +35,7 @@
#include "postgres.h"
#include "px-crypt.h"
+#include "px.h"
#ifdef __i386__
#define BF_ASM0 /* 1 */
@@ -616,7 +617,7 @@ _crypt_blowfish_rn(const char *key, const char *setting,
count = (BF_word) 1 << ((setting[4] - '0') * 10 + (setting[5] - '0'));
if (count < 16 || BF_decode(data.binary.salt, &setting[7], 16))
{
- memset(data.binary.salt, 0, sizeof(data.binary.salt));
+ px_memset(data.binary.salt, 0, sizeof(data.binary.salt));
return NULL;
}
BF_swap(data.binary.salt, 4);
@@ -729,7 +730,7 @@ _crypt_blowfish_rn(const char *key, const char *setting,
/* Overwrite the most obvious sensitive data we have on the stack. Note
* that this does not guarantee there's no sensitive data left on the
* stack and/or in registers; I'm not aware of portable code that does. */
- memset(&data, 0, sizeof(data));
+ px_memset(&data, 0, sizeof(data));
return output;
}
diff --git a/contrib/pgcrypto/crypt-md5.c b/contrib/pgcrypto/crypt-md5.c
index 2a5cd70..6a09d76 100644
--- a/contrib/pgcrypto/crypt-md5.c
+++ b/contrib/pgcrypto/crypt-md5.c
@@ -89,7 +89,7 @@ px_crypt_md5(const char *pw, const char *salt, char *passwd, unsigned dstlen)
px_md_update(ctx, final, pl > MD5_SIZE ? MD5_SIZE : pl);
/* Don't leave anything around in vm they could use. */
- memset(final, 0, sizeof final);
+ px_memset(final, 0, sizeof final);
/* Then something really weird... */
for (i = strlen(pw); i; i >>= 1)
@@ -154,7 +154,7 @@ px_crypt_md5(const char *pw, const char *salt, char *passwd, unsigned dstlen)
*p = '\0';
/* Don't leave anything around in vm they could use. */
- memset(final, 0, sizeof final);
+ px_memset(final, 0, sizeof final);
px_md_free(ctx1);
px_md_free(ctx);
diff --git a/contrib/pgcrypto/fortuna.c b/contrib/pgcrypto/fortuna.c
index 1228fb4..47380a8 100644
--- a/contrib/pgcrypto/fortuna.c
+++ b/contrib/pgcrypto/fortuna.c
@@ -34,6 +34,7 @@
#include
#include
+#include "px.h"
#include "rijndael.h"
#include "sha2.h"
#include "fortuna.h"
@@ -169,7 +170,7 @@ md_result(MD_CTX * ctx, uint8 *dst)
memcpy(&tmp, ctx, sizeof(*ctx));
SHA256_Final(dst, &tmp);
- memset(&tmp, 0, sizeof(tmp));
+ px_memset(&tmp, 0, sizeof(tmp));
}
/*
@@ -243,7 +244,7 @@ enough_time_passed(FState *st)
if (ok)
memcpy(last, &tv, sizeof(tv));
- memset(&tv, 0, sizeof(tv));
+ px_memset(&tv, 0, sizeof(tv));
return ok;
}
@@ -290,8 +291,8 @@ reseed(FState *st)
/* use new key */
ciph_init(&st->ciph, st->key, BLOCK);
- memset(&key_md, 0, sizeof(key_md));
- memset(buf, 0, BLOCK);
+ px_memset(&key_md, 0, sizeof(key_md));
+ px_memset(buf, 0, BLOCK);
}
/*
@@ -341,8 +342,8 @@ add_entropy(FState *st, const uint8 *data, unsigned len)
if (pos == 0)
st->pool0_bytes += len;
- memset(hash, 0, BLOCK);
- memset(&md, 0, sizeof(md));
+ px_memset(hash, 0, BLOCK);
+ px_memset(&md, 0, sizeof(md));
}
/*
@@ -378,7 +379,7 @@ startup_tricks(FState *st)
encrypt_counter(st, buf + CIPH_BLOCK);
md_update(&st->pool[i], buf, BLOCK);
}
- memset(buf, 0, BLOCK);
+ px_memset(buf, 0, BLOCK);
/* Hide the key. */
rekey(st);
diff --git a/contrib/pgcrypto/internal-sha2.c b/contrib/pgcrypto/internal-sha2.c
index f86b478..912effb 100644
--- a/contrib/pgcrypto/internal-sha2.c
+++ b/contrib/pgcrypto/internal-sha2.c
@@ -84,7 +84,7 @@ int_sha224_free(PX_MD *h)
{
SHA224_CTX *ctx = (SHA224_CTX *) h->p.ptr;
- memset(ctx, 0, sizeof(*ctx));
+ px_memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
@@ -132,7 +132,7 @@ int_sha256_free(PX_MD *h)
{
SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr;
- memset(ctx, 0, sizeof(*ctx));
+ px_memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
@@ -180,7 +180,7 @@ int_sha384_free(PX_MD *h)
{
SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr;
- memset(ctx, 0, sizeof(*ctx));
+ px_memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
@@ -228,7 +228,7 @@ int_sha512_free(PX_MD *h)
{
SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr;
- memset(ctx, 0, sizeof(*ctx));
+ px_memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
diff --git a/contrib/pgcrypto/internal.c b/contrib/pgcrypto/internal.c
index a02c943..7b33e49 100644
--- a/contrib/pgcrypto/internal.c
+++ b/contrib/pgcrypto/internal.c
@@ -142,7 +142,7 @@ int_md5_free(PX_MD *h)
{
MD5_CTX*ctx = (MD5_CTX *) h->p.ptr;
- memset(ctx, 0, sizeof(*ctx));
+ px_memset(ctx, 0, sizeof(*ctx));
px_free(ctx);
px_free(h);
}
@@ -190,7 +190,7 @@ int_sha1_free(PX_MD *h)
{
SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr;
- memset(ctx, 0, sizeof(*ctx));
+ px_memset(ctx, 0, siz