From fc72e94a13026b86a06c7f5c670f4c16420d3d77 Mon Sep 17 00:00:00 2001 From: Bruce Momjian Date: Thu, 17 Apr 2014 12:37:53 -0400 Subject: [PATCH] pgcrypto: fix memset() calls that might be optimized away Specifically, on-stack memset() might be removed, so: * Replace memset() with px_memset() * Add px_memset to copy_crlf() * Add px_memset to pgp-s2k.c Patch by Marko Kreen Report by PVS-Studio Backpatch through 8.4. --- contrib/pgcrypto/crypt-blowfish.c | 5 +++-- contrib/pgcrypto/crypt-md5.c | 4 ++-- contrib/pgcrypto/fortuna.c | 15 ++++++++------- contrib/pgcrypto/internal-sha2.c | 8 ++++---- contrib/pgcrypto/internal.c | 10 +++++----- contrib/pgcrypto/mbuf.c | 12 ++++++------ contrib/pgcrypto/openssl.c | 4 ++-- contrib/pgcrypto/pgp-cfb.c | 2 +- contrib/pgcrypto/pgp-compress.c | 4 ++-- contrib/pgcrypto/pgp-decrypt.c | 19 ++++++++++--------- contrib/pgcrypto/pgp-encrypt.c | 10 +++++----- contrib/pgcrypto/pgp-mpi.c | 2 +- contrib/pgcrypto/pgp-pgsql.c | 6 +++--- contrib/pgcrypto/pgp-pubenc.c | 6 +++--- contrib/pgcrypto/pgp-pubkey.c | 8 ++++---- contrib/pgcrypto/pgp-s2k.c | 3 +++ contrib/pgcrypto/pgp.c | 2 +- contrib/pgcrypto/px-crypt.c | 2 +- contrib/pgcrypto/px-hmac.c | 8 ++++---- contrib/pgcrypto/px.c | 8 +++++++- contrib/pgcrypto/px.h | 2 ++ contrib/pgcrypto/sha2.c | 9 +++++---- 22 files changed, 82 insertions(+), 67 deletions(-) diff --git a/contrib/pgcrypto/crypt-blowfish.c b/contrib/pgcrypto/crypt-blowfish.c index b49747d9265..fbaa3d776a0 100644 --- a/contrib/pgcrypto/crypt-blowfish.c +++ b/contrib/pgcrypto/crypt-blowfish.c @@ -35,6 +35,7 @@ #include "postgres.h" #include "px-crypt.h" +#include "px.h" #ifdef __i386__ #define BF_ASM 0 /* 1 */ @@ -616,7 +617,7 @@ _crypt_blowfish_rn(const char *key, const char *setting, count = (BF_word) 1 << ((setting[4] - '0') * 10 + (setting[5] - '0')); if (count < 16 || BF_decode(data.binary.salt, &setting[7], 16)) { - memset(data.binary.salt, 0, sizeof(data.binary.salt)); + px_memset(data.binary.salt, 0, sizeof(data.binary.salt)); return NULL; } BF_swap(data.binary.salt, 4); @@ -729,7 +730,7 @@ _crypt_blowfish_rn(const char *key, const char *setting, /* Overwrite the most obvious sensitive data we have on the stack. Note * that this does not guarantee there's no sensitive data left on the * stack and/or in registers; I'm not aware of portable code that does. */ - memset(&data, 0, sizeof(data)); + px_memset(&data, 0, sizeof(data)); return output; } diff --git a/contrib/pgcrypto/crypt-md5.c b/contrib/pgcrypto/crypt-md5.c index 2a5cd70208a..6a09d76989f 100644 --- a/contrib/pgcrypto/crypt-md5.c +++ b/contrib/pgcrypto/crypt-md5.c @@ -89,7 +89,7 @@ px_crypt_md5(const char *pw, const char *salt, char *passwd, unsigned dstlen) px_md_update(ctx, final, pl > MD5_SIZE ? MD5_SIZE : pl); /* Don't leave anything around in vm they could use. */ - memset(final, 0, sizeof final); + px_memset(final, 0, sizeof final); /* Then something really weird... */ for (i = strlen(pw); i; i >>= 1) @@ -154,7 +154,7 @@ px_crypt_md5(const char *pw, const char *salt, char *passwd, unsigned dstlen) *p = '\0'; /* Don't leave anything around in vm they could use. */ - memset(final, 0, sizeof final); + px_memset(final, 0, sizeof final); px_md_free(ctx1); px_md_free(ctx); diff --git a/contrib/pgcrypto/fortuna.c b/contrib/pgcrypto/fortuna.c index 1228fb4ad04..47380a812a2 100644 --- a/contrib/pgcrypto/fortuna.c +++ b/contrib/pgcrypto/fortuna.c @@ -34,6 +34,7 @@ #include #include +#include "px.h" #include "rijndael.h" #include "sha2.h" #include "fortuna.h" @@ -169,7 +170,7 @@ md_result(MD_CTX * ctx, uint8 *dst) memcpy(&tmp, ctx, sizeof(*ctx)); SHA256_Final(dst, &tmp); - memset(&tmp, 0, sizeof(tmp)); + px_memset(&tmp, 0, sizeof(tmp)); } /* @@ -243,7 +244,7 @@ enough_time_passed(FState *st) if (ok) memcpy(last, &tv, sizeof(tv)); - memset(&tv, 0, sizeof(tv)); + px_memset(&tv, 0, sizeof(tv)); return ok; } @@ -290,8 +291,8 @@ reseed(FState *st) /* use new key */ ciph_init(&st->ciph, st->key, BLOCK); - memset(&key_md, 0, sizeof(key_md)); - memset(buf, 0, BLOCK); + px_memset(&key_md, 0, sizeof(key_md)); + px_memset(buf, 0, BLOCK); } /* @@ -341,8 +342,8 @@ add_entropy(FState *st, const uint8 *data, unsigned len) if (pos == 0) st->pool0_bytes += len; - memset(hash, 0, BLOCK); - memset(&md, 0, sizeof(md)); + px_memset(hash, 0, BLOCK); + px_memset(&md, 0, sizeof(md)); } /* @@ -378,7 +379,7 @@ startup_tricks(FState *st) encrypt_counter(st, buf + CIPH_BLOCK); md_update(&st->pool[i], buf, BLOCK); } - memset(buf, 0, BLOCK); + px_memset(buf, 0, BLOCK); /* Hide the key. */ rekey(st); diff --git a/contrib/pgcrypto/internal-sha2.c b/contrib/pgcrypto/internal-sha2.c index f86b47816bd..912effb1412 100644 --- a/contrib/pgcrypto/internal-sha2.c +++ b/contrib/pgcrypto/internal-sha2.c @@ -84,7 +84,7 @@ int_sha224_free(PX_MD *h) { SHA224_CTX *ctx = (SHA224_CTX *) h->p.ptr; - memset(ctx, 0, sizeof(*ctx)); + px_memset(ctx, 0, sizeof(*ctx)); px_free(ctx); px_free(h); } @@ -132,7 +132,7 @@ int_sha256_free(PX_MD *h) { SHA256_CTX *ctx = (SHA256_CTX *) h->p.ptr; - memset(ctx, 0, sizeof(*ctx)); + px_memset(ctx, 0, sizeof(*ctx)); px_free(ctx); px_free(h); } @@ -180,7 +180,7 @@ int_sha384_free(PX_MD *h) { SHA384_CTX *ctx = (SHA384_CTX *) h->p.ptr; - memset(ctx, 0, sizeof(*ctx)); + px_memset(ctx, 0, sizeof(*ctx)); px_free(ctx); px_free(h); } @@ -228,7 +228,7 @@ int_sha512_free(PX_MD *h) { SHA512_CTX *ctx = (SHA512_CTX *) h->p.ptr; - memset(ctx, 0, sizeof(*ctx)); + px_memset(ctx, 0, sizeof(*ctx)); px_free(ctx); px_free(h); } diff --git a/contrib/pgcrypto/internal.c b/contrib/pgcrypto/internal.c index a02c943e049..7b33e496d41 100644 --- a/contrib/pgcrypto/internal.c +++ b/contrib/pgcrypto/internal.c @@ -142,7 +142,7 @@ int_md5_free(PX_MD *h) { MD5_CTX *ctx = (MD5_CTX *) h->p.ptr; - memset(ctx, 0, sizeof(*ctx)); + px_memset(ctx, 0, sizeof(*ctx)); px_free(ctx); px_free(h); } @@ -190,7 +190,7 @@ int_sha1_free(PX_MD *h) { SHA1_CTX *ctx = (SHA1_CTX *) h->p.ptr; - memset(ctx, 0, sizeof(*ctx)); + px_memset(ctx, 0, sizeof(*ctx)); px_free(ctx); px_free(h); } @@ -265,7 +265,7 @@ intctx_free(PX_Cipher *c) if (cx) { - memset(cx, 0, sizeof *cx); + px_memset(cx, 0, sizeof *cx); px_free(cx); } px_free(c); @@ -658,7 +658,7 @@ system_reseed(void) skip = buf[0] >= SYSTEM_RESEED_CHANCE; } /* clear 1 byte */ - memset(buf, 0, sizeof(buf)); + px_memset(buf, 0, sizeof(buf)); if (skip) return; @@ -668,7 +668,7 @@ system_reseed(void) fortuna_add_entropy(buf, n); seed_time = t; - memset(buf, 0, sizeof(buf)); + px_memset(buf, 0, sizeof(buf)); } int diff --git a/contrib/pgcrypto/mbuf.c b/contrib/pgcrypto/mbuf.c index a2c5293efbc..f3a0e01c41f 100644 --- a/contrib/pgcrypto/mbuf.c +++ b/contrib/pgcrypto/mbuf.c @@ -69,7 +69,7 @@ mbuf_free(MBuf *mbuf) { if (mbuf->own_data) { - memset(mbuf->data, 0, mbuf->buf_end - mbuf->data); + px_memset(mbuf->data, 0, mbuf->buf_end - mbuf->data); px_free(mbuf->data); } px_free(mbuf); @@ -249,11 +249,11 @@ pullf_free(PullFilter *pf) if (pf->buf) { - memset(pf->buf, 0, pf->buflen); + px_memset(pf->buf, 0, pf->buflen); px_free(pf->buf); } - memset(pf, 0, sizeof(*pf)); + px_memset(pf, 0, sizeof(*pf)); px_free(pf); } @@ -298,7 +298,7 @@ pullf_read_max(PullFilter *pf, int len, uint8 **data_p, uint8 *tmpbuf) if (res < 0) { /* so the caller must clear only on success */ - memset(tmpbuf, 0, total); + px_memset(tmpbuf, 0, total); return res; } if (res == 0) @@ -415,11 +415,11 @@ pushf_free(PushFilter *mp) if (mp->buf) { - memset(mp->buf, 0, mp->block_size); + px_memset(mp->buf, 0, mp->block_size); px_free(mp->buf); } - memset(mp, 0, sizeof(*mp)); + px_memset(mp, 0, sizeof(*mp)); px_free(mp); } diff --git a/contrib/pgcrypto/openssl.c b/contrib/pgcrypto/openssl.c index ad7fb9ee0ee..e6c72512b46 100644 --- a/contrib/pgcrypto/openssl.c +++ b/contrib/pgcrypto/openssl.c @@ -142,7 +142,7 @@ EVP_MD_CTX_init(EVP_MD_CTX *ctx) static int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) { - memset(ctx, 0, sizeof(*ctx)); + px_memset(ctx, 0, sizeof(*ctx)); return 1; } @@ -381,7 +381,7 @@ gen_ossl_free(PX_Cipher *c) { ossldata *od = (ossldata *) c->ptr; - memset(od, 0, sizeof(*od)); + px_memset(od, 0, sizeof(*od)); px_free(od); px_free(c); } diff --git a/contrib/pgcrypto/pgp-cfb.c b/contrib/pgcrypto/pgp-cfb.c index 7cf9bf0b8c5..d9939ee11e9 100644 --- a/contrib/pgcrypto/pgp-cfb.c +++ b/contrib/pgcrypto/pgp-cfb.c @@ -85,7 +85,7 @@ void pgp_cfb_free(PGP_CFB *ctx) { px_cipher_free(ctx->ciph); - memset(ctx, 0, sizeof(*ctx)); + px_memset(ctx, 0, sizeof(*ctx)); px_free(ctx); } diff --git a/contrib/pgcrypto/pgp-compress.c b/contrib/pgcrypto/pgp-compress.c index c5924534021..78346602c90 100644 --- a/contrib/pgcrypto/pgp-compress.c +++ b/contrib/pgcrypto/pgp-compress.c @@ -175,7 +175,7 @@ compress_free(void *priv) struct ZipStat *st = priv; deflateEnd(&st->stream); - memset(st, 0, sizeof(*st)); + px_memset(st, 0, sizeof(*st)); px_free(st); } @@ -298,7 +298,7 @@ decompress_free(void *priv) struct DecomprData *dec = priv; inflateEnd(&dec->stream); - memset(dec, 0, sizeof(*dec)); + px_memset(dec, 0, sizeof(*dec)); px_free(dec); } diff --git a/contrib/pgcrypto/pgp-decrypt.c b/contrib/pgcrypto/pgp-decrypt.c index c9aa6cd66aa..2063e8c319e 100644 --- a/contrib/pgcrypto/pgp-decrypt.c +++ b/contrib/pgcrypto/pgp-decrypt.c @@ -210,7 +210,7 @@ pktreader_free(void *priv) { struct PktData *pkt = priv; - memset(pkt, 0, sizeof(*pkt)); + px_memset(pkt, 0, sizeof(*pkt)); px_free(pkt); } @@ -257,7 +257,7 @@ prefix_init(void **priv_p, void *arg, PullFilter *src) if (res != len + 2) { px_debug("prefix_init: short read"); - memset(tmpbuf, 0, sizeof(tmpbuf)); + px_memset(tmpbuf, 0, sizeof(tmpbuf)); return PXE_PGP_CORRUPT_DATA; } @@ -280,7 +280,7 @@ prefix_init(void **priv_p, void *arg, PullFilter *src) */ ctx->corrupt_prefix = 1; } - memset(tmpbuf, 0, sizeof(tmpbuf)); + px_memset(tmpbuf, 0, sizeof(tmpbuf)); return 0; } @@ -395,8 +395,8 @@ mdc_finish(PGP_Context *ctx, PullFilter *src, */ px_md_finish(ctx->mdc_ctx, hash); res = memcmp(hash, *data_p, 20); - memset(hash, 0, 20); - memset(tmpbuf, 0, sizeof(tmpbuf)); + px_memset(hash, 0, 20); + px_memset(tmpbuf, 0, sizeof(tmpbuf)); if (res != 0) { px_debug("mdc_finish: mdc failed"); @@ -493,7 +493,7 @@ mdcbuf_finish(struct MDCBufData * st) px_md_update(st->ctx->mdc_ctx, st->mdc_buf, 2); px_md_finish(st->ctx->mdc_ctx, hash); res = memcmp(hash, st->mdc_buf + 2, 20); - memset(hash, 0, 20); + px_memset(hash, 0, 20); if (res) { px_debug("mdcbuf_finish: MDC does not match"); @@ -593,7 +593,7 @@ mdcbuf_free(void *priv) px_md_free(st->ctx->mdc_ctx); st->ctx->mdc_ctx = NULL; - memset(st, 0, sizeof(*st)); + px_memset(st, 0, sizeof(*st)); px_free(st); } @@ -703,7 +703,7 @@ parse_symenc_sesskey(PGP_Context *ctx, PullFilter *src) res = decrypt_key(ctx, p, res); } - memset(tmpbuf, 0, sizeof(tmpbuf)); + px_memset(tmpbuf, 0, sizeof(tmpbuf)); return res; } @@ -753,6 +753,7 @@ copy_crlf(MBuf *dst, uint8 *data, int len, int *got_cr) if (res < 0) return res; } + px_memset(tmpbuf, 0, sizeof(tmpbuf)); return 0; } @@ -792,7 +793,7 @@ parse_literal_data(PGP_Context *ctx, MBuf *dst, PullFilter *pkt) px_debug("parse_literal_data: unexpected eof"); return PXE_PGP_CORRUPT_DATA; } - memset(tmpbuf, 0, 4); + px_memset(tmpbuf, 0, 4); /* check if text */ if (ctx->text_mode) diff --git a/contrib/pgcrypto/pgp-encrypt.c b/contrib/pgcrypto/pgp-encrypt.c index 3b9b5d20edf..48eb3f42af0 100644 --- a/contrib/pgcrypto/pgp-encrypt.c +++ b/contrib/pgcrypto/pgp-encrypt.c @@ -128,7 +128,7 @@ mdc_flush(PushFilter *dst, void *priv) px_md_finish(md, pkt + 2); res = pushf_write(dst, pkt, 2 + MDC_DIGEST_LEN); - memset(pkt, 0, 2 + MDC_DIGEST_LEN); + px_memset(pkt, 0, 2 + MDC_DIGEST_LEN); return res; } @@ -217,7 +217,7 @@ encrypt_free(void *priv) { struct EncStat *st = priv; - memset(st, 0, sizeof(*st)); + px_memset(st, 0, sizeof(*st)); px_free(st); } @@ -299,7 +299,7 @@ pkt_stream_free(void *priv) { struct PktStreamStat *st = priv; - memset(st, 0, sizeof(*st)); + px_memset(st, 0, sizeof(*st)); px_free(st); } @@ -490,7 +490,7 @@ write_prefix(PGP_Context *ctx, PushFilter *dst) prefix[bs + 1] = prefix[bs - 1]; res = pushf_write(dst, prefix, bs + 2); - memset(prefix, 0, bs + 2); + px_memset(prefix, 0, bs + 2); return res < 0 ? res : 0; } @@ -552,7 +552,7 @@ write_symenc_sesskey(PGP_Context *ctx, PushFilter *dst) if (res >= 0) res = pushf_write(dst, pkt, pktlen); - memset(pkt, 0, pktlen); + px_memset(pkt, 0, pktlen); return res; } diff --git a/contrib/pgcrypto/pgp-mpi.c b/contrib/pgcrypto/pgp-mpi.c index c8765b6d141..0daca3cda48 100644 --- a/contrib/pgcrypto/pgp-mpi.c +++ b/contrib/pgcrypto/pgp-mpi.c @@ -72,7 +72,7 @@ pgp_mpi_free(PGP_MPI *mpi) { if (mpi == NULL) return 0; - memset(mpi, 0, sizeof(*mpi) + mpi->bytes); + px_memset(mpi, 0, sizeof(*mpi) + mpi->bytes); px_free(mpi); return 0; } diff --git a/contrib/pgcrypto/pgp-pgsql.c b/contrib/pgcrypto/pgp-pgsql.c index d4eec03cc77..828f64a84bc 100644 --- a/contrib/pgcrypto/pgp-pgsql.c +++ b/contrib/pgcrypto/pgp-pgsql.c @@ -87,7 +87,7 @@ add_block_entropy(PX_MD *md, text *data) px_add_entropy(sha1, 20); - memset(sha1, 0, 20); + px_memset(sha1, 0, 20); } /* @@ -129,7 +129,7 @@ add_entropy(text *data1, text *data2, text *data3) add_block_entropy(md, data3); px_md_free(md); - memset(rnd, 0, sizeof(rnd)); + px_memset(rnd, 0, sizeof(rnd)); } /* @@ -167,7 +167,7 @@ convert_to_utf8(text *src) static void clear_and_pfree(text *p) { - memset(p, 0, VARSIZE(p)); + px_memset(p, 0, VARSIZE(p)); pfree(p); } diff --git a/contrib/pgcrypto/pgp-pubenc.c b/contrib/pgcrypto/pgp-pubenc.c index 943d2e49f57..0d1be7d2b78 100644 --- a/contrib/pgcrypto/pgp-pubenc.c +++ b/contrib/pgcrypto/pgp-pubenc.c @@ -73,7 +73,7 @@ pad_eme_pkcs1_v15(uint8 *data, int data_len, int res_len, uint8 **res_p) if (res < 0) { - memset(buf, 0, res_len); + px_memset(buf, 0, res_len); px_free(buf); return res; } @@ -123,10 +123,10 @@ create_secmsg(PGP_Context *ctx, PGP_MPI **msg_p, int full_bytes) if (padded) { - memset(padded, 0, full_bytes); + px_memset(padded, 0, full_bytes); px_free(padded); } - memset(secmsg, 0, klen + 3); + px_memset(secmsg, 0, klen + 3); px_free(secmsg); if (res >= 0) diff --git a/contrib/pgcrypto/pgp-pubkey.c b/contrib/pgcrypto/pgp-pubkey.c index 9651d5e89f2..abab0581235 100644 --- a/contrib/pgcrypto/pgp-pubkey.c +++ b/contrib/pgcrypto/pgp-pubkey.c @@ -77,7 +77,7 @@ pgp_key_free(PGP_PubKey *pk) pgp_mpi_free(pk->sec.dsa.x); break; } - memset(pk, 0, sizeof(*pk)); + px_memset(pk, 0, sizeof(*pk)); px_free(pk); } @@ -150,7 +150,7 @@ calc_key_id(PGP_PubKey *pk) px_md_free(md); memcpy(pk->key_id, hash + 12, 8); - memset(hash, 0, 20); + px_memset(hash, 0, 20); return 0; } @@ -291,8 +291,8 @@ check_key_sha1(PullFilter *src, PGP_PubKey *pk) res = PXE_PGP_KEYPKT_CORRUPT; } err: - memset(got_sha1, 0, 20); - memset(my_sha1, 0, 20); + px_memset(got_sha1, 0, 20); + px_memset(my_sha1, 0, 20); return res; } diff --git a/contrib/pgcrypto/pgp-s2k.c b/contrib/pgcrypto/pgp-s2k.c index 349234e243c..40c05a1a96e 100644 --- a/contrib/pgcrypto/pgp-s2k.c +++ b/contrib/pgcrypto/pgp-s2k.c @@ -75,6 +75,7 @@ calc_s2k_simple(PGP_S2K *s2k, PX_MD *md, const uint8 *key, remain = 0; } } + px_memset(buf, 0, sizeof(buf)); return 0; } @@ -118,6 +119,7 @@ calc_s2k_salted(PGP_S2K *s2k, PX_MD *md, const uint8 *key, unsigned key_len) remain = 0; } } + px_memset(buf, 0, sizeof(buf)); return 0; } @@ -189,6 +191,7 @@ calc_s2k_iter_salted(PGP_S2K *s2k, PX_MD *md, const uint8 *key, remain = 0; } } + px_memset(buf, 0, sizeof(buf)); return 0; } diff --git a/contrib/pgcrypto/pgp.c b/contrib/pgcrypto/pgp.c index b8a6bc49b40..a17ca93e0df 100644 --- a/contrib/pgcrypto/pgp.c +++ b/contrib/pgcrypto/pgp.c @@ -225,7 +225,7 @@ pgp_free(PGP_Context *ctx) { if (ctx->pub_key) pgp_key_free(ctx->pub_key); - memset(ctx, 0, sizeof *ctx); + px_memset(ctx, 0, sizeof *ctx); px_free(ctx); return 0; } diff --git a/contrib/pgcrypto/px-crypt.c b/contrib/pgcrypto/px-crypt.c index 63ec038dc54..523efc8fb02 100644 --- a/contrib/pgcrypto/px-crypt.c +++ b/contrib/pgcrypto/px-crypt.c @@ -158,7 +158,7 @@ px_gen_salt(const char *salt_type, char *buf, int rounds) return res; p = g->gen(rounds, rbuf, g->input_len, buf, PX_MAX_SALT_LEN); - memset(rbuf, 0, sizeof(rbuf)); + px_memset(rbuf, 0, sizeof(rbuf)); if (p == NULL) return PXE_BAD_SALT_ROUNDS; diff --git a/contrib/pgcrypto/px-hmac.c b/contrib/pgcrypto/px-hmac.c index 36efabd4a31..8db79233d95 100644 --- a/contrib/pgcrypto/px-hmac.c +++ b/contrib/pgcrypto/px-hmac.c @@ -75,7 +75,7 @@ hmac_init(PX_HMAC *h, const uint8 *key, unsigned klen) h->p.opad[i] = keybuf[i] ^ HMAC_OPAD; } - memset(keybuf, 0, bs); + px_memset(keybuf, 0, bs); px_free(keybuf); px_md_update(md, h->p.ipad, bs); @@ -117,7 +117,7 @@ hmac_finish(PX_HMAC *h, uint8 *dst) px_md_update(md, buf, hlen); px_md_finish(md, dst); - memset(buf, 0, hlen); + px_memset(buf, 0, hlen); px_free(buf); } @@ -129,8 +129,8 @@ hmac_free(PX_HMAC *h) bs = px_md_block_size(h->md); px_md_free(h->md); - memset(h->p.ipad, 0, bs); - memset(h->p.opad, 0, bs); + px_memset(h->p.ipad, 0, bs); + px_memset(h->p.opad, 0, bs); px_free(h->p.ipad); px_free(h->p.opad); px_free(h); diff --git a/contrib/pgcrypto/px.c b/contrib/pgcrypto/px.c index f23d4de5738..4b2a1207f9d 100644 --- a/contrib/pgcrypto/px.c +++ b/contrib/pgcrypto/px.c @@ -104,6 +104,12 @@ px_strerror(int err) return "Bad error code"; } +/* memset that must not be optimized away */ +void +px_memset(void *ptr, int c, size_t len) +{ + memset(ptr, c, len); +} const char * px_resolve_alias(const PX_Alias *list, const char *name) @@ -327,7 +333,7 @@ combo_free(PX_Combo *cx) { if (cx->cipher) px_cipher_free(cx->cipher); - memset(cx, 0, sizeof(*cx)); + px_memset(cx, 0, sizeof(*cx)); px_free(cx); } diff --git a/contrib/pgcrypto/px.h b/contrib/pgcrypto/px.h index 80e8624460d..e09dee49ab4 100644 --- a/contrib/pgcrypto/px.h +++ b/contrib/pgcrypto/px.h @@ -203,6 +203,8 @@ const char *px_resolve_alias(const PX_Alias *aliases, const char *name); void px_set_debug_handler(void (*handler) (const char *)); +void px_memset(void *ptr, int c, size_t len); + #ifdef PX_DEBUG void px_debug(const char *fmt,...) diff --git a/contrib/pgcrypto/sha2.c b/contrib/pgcrypto/sha2.c index 5de94b2fcda..bde1f61b311 100644 --- a/contrib/pgcrypto/sha2.c +++ b/contrib/pgcrypto/sha2.c @@ -40,6 +40,7 @@ #include +#include "px.h" #include "sha2.h" /* @@ -570,7 +571,7 @@ SHA256_Final(uint8 digest[], SHA256_CTX *context) } /* Clean up state data: */ - memset(context, 0, sizeof(*context)); + px_memset(context, 0, sizeof(*context)); } @@ -899,7 +900,7 @@ SHA512_Final(uint8 digest[], SHA512_CTX *context) } /* Zero out state data */ - memset(context, 0, sizeof(*context)); + px_memset(context, 0, sizeof(*context)); } @@ -944,7 +945,7 @@ SHA384_Final(uint8 digest[], SHA384_CTX *context) } /* Zero out state data */ - memset(context, 0, sizeof(*context)); + px_memset(context, 0, sizeof(*context)); } /*** SHA-224: *********************************************************/ @@ -987,5 +988,5 @@ SHA224_Final(uint8 digest[], SHA224_CTX *context) } /* Clean up state data: */ - memset(context, 0, sizeof(*context)); + px_memset(context, 0, sizeof(*context)); }