diff options
author | Brian Gianforcaro <bgianf@serenityos.org> | 2021-09-11 09:49:47 -0700 |
---|---|---|
committer | Andreas Kling <kling@serenityos.org> | 2021-09-12 16:36:52 +0200 |
commit | 27a124f7d88a9c59650b4881b95b166de887f055 (patch) | |
tree | a8a606f4e4becea1b95bd963357a28aeba9f518b /Userland/Libraries | |
parent | 3590c55b69e2c6337ffa9445b14513686e5a99bc (diff) | |
download | serenity-27a124f7d88a9c59650b4881b95b166de887f055.zip |
LibCrypto: Use explicit_bzero instead of memset to zero 'secure data'
PVS-Studio flagged this, as memset can be optimized away by the compiler
in some cases. We obviously don't want that to ever happen so make sure
to always use `explicit_bzero(..)` which can't be optimized away.
Diffstat (limited to 'Userland/Libraries')
-rw-r--r-- | Userland/Libraries/LibCrypto/Hash/MD5.cpp | 3 | ||||
-rw-r--r-- | Userland/Libraries/LibCrypto/Hash/SHA1.cpp | 3 |
2 files changed, 4 insertions, 2 deletions
diff --git a/Userland/Libraries/LibCrypto/Hash/MD5.cpp b/Userland/Libraries/LibCrypto/Hash/MD5.cpp index c526bb8000..de4d529882 100644 --- a/Userland/Libraries/LibCrypto/Hash/MD5.cpp +++ b/Userland/Libraries/LibCrypto/Hash/MD5.cpp @@ -6,6 +6,7 @@ #include <AK/Types.h> #include <LibCrypto/Hash/MD5.h> +#include <string.h> static constexpr u32 F(u32 x, u32 y, u32 z) { return (x & y) | ((~x) & z); }; static constexpr u32 G(u32 x, u32 y, u32 z) { return (x & z) | ((~z) & y); }; @@ -199,7 +200,7 @@ void MD5::transform(const u8* block) m_C += c; m_D += d; - __builtin_memset(x, 0, sizeof(x)); + explicit_bzero(x, sizeof(x)); } } diff --git a/Userland/Libraries/LibCrypto/Hash/SHA1.cpp b/Userland/Libraries/LibCrypto/Hash/SHA1.cpp index 9d6147687c..58b1db96e4 100644 --- a/Userland/Libraries/LibCrypto/Hash/SHA1.cpp +++ b/Userland/Libraries/LibCrypto/Hash/SHA1.cpp @@ -7,6 +7,7 @@ #include <AK/Endian.h> #include <AK/Types.h> #include <LibCrypto/Hash/SHA1.h> +#include <string.h> namespace Crypto { namespace Hash { @@ -63,7 +64,7 @@ inline void SHA1::transform(const u8* data) c = 0; d = 0; e = 0; - __builtin_memset(blocks, 0, 16 * sizeof(u32)); + explicit_bzero(blocks, 16 * sizeof(u32)); } void SHA1::update(const u8* message, size_t length) |