explicit_bzero() for sasyncd(8)


explicit_bzero() for sasyncd(8)

Michael McConville-2
I took the approach of trying to enforce the programmer's intentions. If
anyone thinks some or all of the cases don't make sense, let me know.


Index: monitor.c
===================================================================
RCS file: /cvs/src/usr.sbin/sasyncd/monitor.c,v
retrieving revision 1.20
diff -u -p -r1.20 monitor.c
--- monitor.c 20 Aug 2015 22:39:29 -0000 1.20
+++ monitor.c 11 Sep 2015 17:12:06 -0000
@@ -285,7 +285,7 @@ monitor_get_pfkey_snap(u_int8_t **sadb,
  }
  rbytes = m_read(m_state.s, *sadb, *sadbsize);
  if (rbytes < 1) {
- memset(*sadb, 0, *sadbsize);
+ explicit_bzero(*sadb, *sadbsize);
  free(*sadb);
  return -1;
  }
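Review bot: Each error path here frees `*sadb` (and `*spd` in the @@ -305 hunk) but leaves the caller's pointer holding the freed address, so a caller that mishandles the -1 return could reuse the buffer or free it a second time. Adding `*sadb = NULL;` after each `free(*sadb);` and `*spd = NULL;` after `free(*spd);` would make these paths fail safe; the same applies to the hunks at @@ -294 and @@ -305. Whether any caller touches the buffers after a failure is not visible here, so treat this as hardening rather than a confirmed bug. monitor_get_pfkey_snap starts and ends outside the hunk.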
@@ -294,7 +294,7 @@ monitor_get_pfkey_snap(u_int8_t **sadb,
  /* Read SPD data */
  if (m_read(m_state.s, spdsize, sizeof *spdsize) < 1) {
  if (*sadbsize) {
- memset(*sadb, 0, *sadbsize);
+ explicit_bzero(*sadb, *sadbsize);
  free(*sadb);
  }
  return -1;
@@ -305,17 +305,17 @@ monitor_get_pfkey_snap(u_int8_t **sadb,
  log_err("monitor_get_pfkey_snap: malloc()");
  monitor_drain_input();
  if (*sadbsize) {
- memset(*sadb, 0, *sadbsize);
+ explicit_bzero(*sadb, *sadbsize);
  free(*sadb);
  }
  return -1;
  }
  rbytes = m_read(m_state.s, *spd, *spdsize);
  if (rbytes < 1) {
- memset(*spd, 0, *spdsize);
+ explicit_bzero(*spd, *spdsize);
  free(*spd);
  if (*sadbsize) {
- memset(*sadb, 0, *sadbsize);
+ explicit_bzero(*sadb, *sadbsize);
  free(*sadb);
  }
  return -1;
@@ -442,11 +442,11 @@ m_priv_pfkey_snap(int s)
 
 cleanup:
  if (sadb_buf) {
- memset(sadb_buf, 0, sadb_buflen);
+ explicit_bzero(sadb_buf, sadb_buflen);
  free(sadb_buf);
  }
  if (spd_buf) {
- memset(spd_buf, 0, spd_buflen);
+ explicit_bzero(spd_buf, spd_buflen);
  free(spd_buf);
  }
 }
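Review bot: The wipe under `cleanup:` is bounded by `sadb_buflen` and `spd_buflen` while the guards test only the pointers, so the zeroing is complete only if each length covers every byte written into its buffer on all paths that reach the label. The assignments to those lengths are outside the hunk; it is worth confirming that no `goto cleanup` path arrives with a filled buffer and a length that is still zero or stale. If that invariant holds, a short comment would record it, e.g. `/* *_buflen covers all bytes written; wipe before free() */`. m_priv_pfkey_snap starts outside the hunk.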
Index: pfkey.c
===================================================================
RCS file: /cvs/src/usr.sbin/sasyncd/pfkey.c,v
retrieving revision 1.24
diff -u -p -r1.24 pfkey.c
--- pfkey.c 20 Aug 2015 22:39:29 -0000 1.24
+++ pfkey.c 11 Sep 2015 17:12:06 -0000
@@ -496,7 +496,7 @@ pfkey_snapshot(void *v)
     m->sadb_msg_len * CHUNK, p->name);
  }
  }
- memset(sadb, 0, sadbsz);
+ explicit_bzero(sadb, sadbsz);
  free(sadb);
  }
 
@@ -526,8 +526,7 @@ pfkey_snapshot(void *v)
     m->sadb_msg_len * CHUNK, p->name);
  }
  }
- /* Cleanup. */
- memset(spd, 0, spdsz);
+ explicit_bzero(spd, spdsz);
  free(spd);
  }
 
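Review bot: The removed `/* Cleanup. */` comment is not replaced, so nothing at this call (or at the matching `sadb` wipe in the @@ -496 hunk) tells a later maintainer why `explicit_bzero()` is used rather than `memset()`. I would add something like `/* Wipe snapshot before free(); explicit_bzero() is not elided as a dead store. */` above the call. Without it the call is easy to turn back into `memset()` during a later cleanup, which would bring back the dead-store elimination this patch removes. pfkey_snapshot starts and ends outside the hunk.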


Re: Enforce explicit bzeroing in sasyncd(8)

Michael McConville-2
Ping.

Michael McConville wrote:

> I took the approach of trying to enforce the programmer's intentions. If
> anyone thinks some or all of the cases don't make sense, let me know.
>
>
> Index: monitor.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/sasyncd/monitor.c,v
> retrieving revision 1.20
> diff -u -p -r1.20 monitor.c
> --- monitor.c 20 Aug 2015 22:39:29 -0000 1.20
> +++ monitor.c 11 Sep 2015 17:12:06 -0000
> @@ -285,7 +285,7 @@ monitor_get_pfkey_snap(u_int8_t **sadb,
>   }
>   rbytes = m_read(m_state.s, *sadb, *sadbsize);
>   if (rbytes < 1) {
> - memset(*sadb, 0, *sadbsize);
> + explicit_bzero(*sadb, *sadbsize);
>   free(*sadb);
>   return -1;
>   }
> @@ -294,7 +294,7 @@ monitor_get_pfkey_snap(u_int8_t **sadb,
>   /* Read SPD data */
>   if (m_read(m_state.s, spdsize, sizeof *spdsize) < 1) {
>   if (*sadbsize) {
> - memset(*sadb, 0, *sadbsize);
> + explicit_bzero(*sadb, *sadbsize);
>   free(*sadb);
>   }
>   return -1;
> @@ -305,17 +305,17 @@ monitor_get_pfkey_snap(u_int8_t **sadb,
>   log_err("monitor_get_pfkey_snap: malloc()");
>   monitor_drain_input();
>   if (*sadbsize) {
> - memset(*sadb, 0, *sadbsize);
> + explicit_bzero(*sadb, *sadbsize);
>   free(*sadb);
>   }
>   return -1;
>   }
>   rbytes = m_read(m_state.s, *spd, *spdsize);
>   if (rbytes < 1) {
> - memset(*spd, 0, *spdsize);
> + explicit_bzero(*spd, *spdsize);
>   free(*spd);
>   if (*sadbsize) {
> - memset(*sadb, 0, *sadbsize);
> + explicit_bzero(*sadb, *sadbsize);
>   free(*sadb);
>   }
>   return -1;
> @@ -442,11 +442,11 @@ m_priv_pfkey_snap(int s)
>  
>  cleanup:
>   if (sadb_buf) {
> - memset(sadb_buf, 0, sadb_buflen);
> + explicit_bzero(sadb_buf, sadb_buflen);
>   free(sadb_buf);
>   }
>   if (spd_buf) {
> - memset(spd_buf, 0, spd_buflen);
> + explicit_bzero(spd_buf, spd_buflen);
>   free(spd_buf);
>   }
>  }
> Index: pfkey.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/sasyncd/pfkey.c,v
> retrieving revision 1.24
> diff -u -p -r1.24 pfkey.c
> --- pfkey.c 20 Aug 2015 22:39:29 -0000 1.24
> +++ pfkey.c 11 Sep 2015 17:12:06 -0000
> @@ -496,7 +496,7 @@ pfkey_snapshot(void *v)
>      m->sadb_msg_len * CHUNK, p->name);
>   }
>   }
> - memset(sadb, 0, sadbsz);
> + explicit_bzero(sadb, sadbsz);
>   free(sadb);
>   }
>  
> @@ -526,8 +526,7 @@ pfkey_snapshot(void *v)
>      m->sadb_msg_len * CHUNK, p->name);
>   }
>   }
> - /* Cleanup. */
> - memset(spd, 0, spdsz);
> + explicit_bzero(spd, spdsz);
>   free(spd);
>   }
>