diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/libstrongswan/utils.c | 8 | ||||
| -rw-r--r-- | src/libstrongswan/utils.h | 45 |
2 files changed, 53 insertions, 0 deletions
diff --git a/src/libstrongswan/utils.c b/src/libstrongswan/utils.c index ba12cd764..6ffb62aaf 100644 --- a/src/libstrongswan/utils.c +++ b/src/libstrongswan/utils.c @@ -102,6 +102,14 @@ void memxor(u_int8_t dst[], u_int8_t src[], size_t n) /** * Described in header. */ +void memwipe_noinline(void *ptr, size_t n) +{ + memwipe_inline(ptr, n); +} + +/** + * Described in header. + */ void *memstr(const void *haystack, const char *needle, size_t n) { unsigned const char *pos = haystack; diff --git a/src/libstrongswan/utils.h b/src/libstrongswan/utils.h index ed61895ee..a334954ae 100644 --- a/src/libstrongswan/utils.h +++ b/src/libstrongswan/utils.h @@ -337,6 +337,51 @@ void *clalloc(void *pointer, size_t size); void memxor(u_int8_t dest[], u_int8_t src[], size_t n); /** + * Safely overwrite n bytes of memory at ptr with zero, non-inlining variant. + */ +void memwipe_noinline(void *ptr, size_t n); + +/** + * Safely overwrite n bytes of memory at ptr with zero, inlining variant. + */ +static inline void memwipe_inline(void *ptr, size_t n) +{ + volatile char *c = (volatile char*)ptr; + int m, i; + + /* byte wise until long aligned */ + for (i = 0; (uintptr_t)&c % sizeof(long) && i < n; i++) + { + c[i] = 0; + } + /* word wize */ + for (m = n - sizeof(long); i <= m; i += sizeof(long)) + { + *(volatile long*)&c[i] = 0; + } + /* byte wise of the rest */ + for (; i < n; i++) + { + c[i] = 0; + } +} + +/** + * Safely overwrite n bytes of memory at ptr with zero, auto-inlining variant. + */ +static inline void memwipe(void *ptr, size_t n) +{ + if (__builtin_constant_p(n)) + { + memwipe_inline(ptr, n); + } + else + { + memwipe_noinline(ptr, n); + } +} + +/** * A variant of strstr with the characteristics of memchr, where haystack is not * a null-terminated string but simply a memory area of length n. */ |