kore

Kore is a web application platform for writing scalable, concurrent web based processes in C or Python.
Commits | Files | Refs | README | LICENSE | git clone https://git.kore.io/kore.git
commit 045beb86222202e382320cdff6ce7ed332dfd7b0
parent 722a0eca215aa9cb9f0487643fa303832810042c
Author: Joris Vink <joris@coders.se>
Date:   Fri, 18 Feb 2022 11:13:01 +0100

add kore_mem_zero().

use it in places explicit_bzero() used to be called.

The kore_mem_zero() is a best effort to try and let the compiler
not optimize the code away. Highly platform dependent.

Diffstat:

include/kore/kore.h | 1+


src/mem.c | 14++++++++++++++


src/sha1.c | 3++-


src/sha2.c | 7++++---


4 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/include/kore/kore.h b/include/kore/kore.h
@@ -909,6 +909,7 @@ void		kore_mem_init(void);
 void		kore_mem_cleanup(void);
 void		kore_mem_untag(void *);
 void		*kore_mem_lookup(u_int32_t);
+void		kore_mem_zero(void *, size_t);
 void		kore_mem_tag(void *, u_int32_t);
 void		*kore_malloc_tagged(size_t, u_int32_t);
 
diff --git a/src/mem.c b/src/mem.c
@@ -264,6 +264,20 @@ kore_mem_lookup(u_int32_t id)
 	return (NULL);
 }
 
+/* Best effort to try and let the compiler not optimize this call away. */
+void
+kore_mem_zero(void *ptr, size_t len)
+{
+	volatile char	*p;
+
+	p = (volatile char *)ptr;
+
+	if (p != NULL) {
+		while (len-- > 0)
+			*(p)++ = 0x00;
+	}
+}
+
 static size_t
 memblock_index(size_t len)
 {
diff --git a/src/sha1.c b/src/sha1.c
@@ -17,6 +17,7 @@
 #include <sys/types.h>
 #include <string.h>
 
+#include "kore.h"
 #include "sha1.h"
 
 #define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
@@ -167,5 +168,5 @@ SHA1Final(u_int8_t digest[SHA1_DIGEST_LENGTH], SHA1_CTX *context)
 		   ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
 	}
 
-	//explicit_bzero(context, sizeof(*context));
+	kore_mem_zero(context, sizeof(*context));
 }
diff --git a/src/sha2.c b/src/sha2.c
@@ -45,6 +45,7 @@
 #include <endian.h>
 #endif
 
+#include "kore.h"
 #include "sha2.h"
 
 /*
@@ -551,7 +552,7 @@ SHA256Final(u_int8_t digest[SHA256_DIGEST_LENGTH], SHA2_CTX *context)
 #else
 	memcpy(digest, context->state.st32, SHA256_DIGEST_LENGTH);
 #endif
-	//explicit_bzero(context, sizeof(*context));
+	kore_mem_zero(context, sizeof(*context));
 }
 
 
@@ -827,7 +828,7 @@ SHA512Final(u_int8_t digest[SHA512_DIGEST_LENGTH], SHA2_CTX *context)
 #else
 	memcpy(digest, context->state.st64, SHA512_DIGEST_LENGTH);
 #endif
-	//explicit_bzero(context, sizeof(*context));
+	kore_mem_zero(context, sizeof(*context));
 }
 
 /*** SHA-384: *********************************************************/
@@ -874,5 +875,5 @@ SHA384Final(u_int8_t digest[SHA384_DIGEST_LENGTH], SHA2_CTX *context)
 	memcpy(digest, context->state.st64, SHA384_DIGEST_LENGTH);
 #endif
 	/* Zero out state data */
-	//explicit_bzero(context, sizeof(*context));
+	kore_mem_zero(context, sizeof(*context));
 }