NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commit9fe5525

committed

pgcrypto: fix memset() calls that might be optimized away

Specifically, on-stack memset() might be removed, so:* Replace memset() with px_memset()* Add px_memset to copy_crlf()* Add px_memset to pgp-s2k.cPatch by Marko KreenReport by PVS-StudioBackpatch through 8.4.

1 parent83defef commit9fe5525Copy full SHA for 9fe5525

File tree

22 files changed

+82

-67

lines changed

contrib/pgcrypto

22 files changed

+82

-67

lines changed

`‎contrib/pgcrypto/crypt-blowfish.c`

Lines changed: 3 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -35,6 +35,7 @@`
`35`	`35`	`#include"postgres.h"`
`36`	`36`
`37`	`37`	`#include"px-crypt.h"`
	`38`	`+#include"px.h"`
`38`	`39`
`39`	`40`	`#ifdef__i386__`
`40`	`41`	`#defineBF_ASM0/* 1 */`
`@@ -616,7 +617,7 @@ _crypt_blowfish_rn(const char key, const char setting,`
`616`	`617`	`count= (BF_word)1 << ((setting[4]-'0')*10+ (setting[5]-'0'));`
`617`	`618`	`if (count<16\|\|BF_decode(data.binary.salt,&setting[7],16))`
`618`	`619`	`{`
`619`		`-memset(data.binary.salt,0,sizeof(data.binary.salt));`
	`620`	`+px_memset(data.binary.salt,0,sizeof(data.binary.salt));`
`620`	`621`	`returnNULL;`
`621`	`622`	`}`
`622`	`623`	`BF_swap(data.binary.salt,4);`
`@@ -729,7 +730,7 @@ _crypt_blowfish_rn(const char key, const char setting,`
`729`	`730`	`/* Overwrite the most obvious sensitive data we have on the stack. Note`
`730`	`731`	`* that this does not guarantee there's no sensitive data left on the`
`731`	`732`	`* stack and/or in registers; I'm not aware of portable code that does. */`
`732`		`-memset(&data,0,sizeof(data));`
	`733`	`+px_memset(&data,0,sizeof(data));`
`733`	`734`
`734`	`735`	`returnoutput;`
`735`	`736`	`}`

`‎contrib/pgcrypto/crypt-md5.c`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -89,7 +89,7 @@ px_crypt_md5(const char pw, const char salt, char *passwd, unsigned dstlen)`
`89`	`89`	`px_md_update(ctx,final,pl>MD5_SIZE ?MD5_SIZE :pl);`
`90`	`90`
`91`	`91`	`/* Don't leave anything around in vm they could use. */`
`92`		`-memset(final,0,sizeoffinal);`
	`92`	`+px_memset(final,0,sizeoffinal);`
`93`	`93`
`94`	`94`	`/* Then something really weird... */`
`95`	`95`	`for (i=strlen(pw);i;i >>=1)`
`@@ -154,7 +154,7 @@ px_crypt_md5(const char pw, const char salt, char *passwd, unsigned dstlen)`
`154`	`154`	`*p='\0';`
`155`	`155`
`156`	`156`	`/* Don't leave anything around in vm they could use. */`
`157`		`-memset(final,0,sizeoffinal);`
	`157`	`+px_memset(final,0,sizeoffinal);`
`158`	`158`
`159`	`159`	`px_md_free(ctx1);`
`160`	`160`	`px_md_free(ctx);`

`‎contrib/pgcrypto/fortuna.c`

Lines changed: 8 additions & 7 deletions

Original file line number	Diff line number	Diff line change
`@@ -34,6 +34,7 @@`
`34`	`34`	`#include<sys/time.h>`
`35`	`35`	`#include<time.h>`
`36`	`36`
	`37`	`+#include"px.h"`
`37`	`38`	`#include"rijndael.h"`
`38`	`39`	`#include"sha2.h"`
`39`	`40`	`#include"fortuna.h"`
`@@ -169,7 +170,7 @@ md_result(MD_CTX * ctx, uint8 *dst)`
`169`	`170`
`170`	`171`	`memcpy(&tmp,ctx,sizeof(*ctx));`
`171`	`172`	`SHA256_Final(dst,&tmp);`
`172`		`-memset(&tmp,0,sizeof(tmp));`
	`173`	`+px_memset(&tmp,0,sizeof(tmp));`
`173`	`174`	`}`
`174`	`175`
`175`	`176`	`/*`
`@@ -243,7 +244,7 @@ enough_time_passed(FState *st)`
`243`	`244`	`if (ok)`
`244`	`245`	`memcpy(last,&tv,sizeof(tv));`
`245`	`246`
`246`		`-memset(&tv,0,sizeof(tv));`
	`247`	`+px_memset(&tv,0,sizeof(tv));`
`247`	`248`
`248`	`249`	`returnok;`
`249`	`250`	`}`
`@@ -290,8 +291,8 @@ reseed(FState *st)`
`290`	`291`	`/* use new key */`
`291`	`292`	`ciph_init(&st->ciph,st->key,BLOCK);`
`292`	`293`
`293`		`-memset(&key_md,0,sizeof(key_md));`
`294`		`-memset(buf,0,BLOCK);`
	`294`	`+px_memset(&key_md,0,sizeof(key_md));`
	`295`	`+px_memset(buf,0,BLOCK);`
`295`	`296`	`}`
`296`	`297`
`297`	`298`	`/*`
`@@ -341,8 +342,8 @@ add_entropy(FState st, const uint8 data, unsigned len)`
`341`	`342`	`if (pos==0)`
`342`	`343`	`st->pool0_bytes+=len;`
`343`	`344`
`344`		`-memset(hash,0,BLOCK);`
`345`		`-memset(&md,0,sizeof(md));`
	`345`	`+px_memset(hash,0,BLOCK);`
	`346`	`+px_memset(&md,0,sizeof(md));`
`346`	`347`	`}`
`347`	`348`
`348`	`349`	`/*`
`@@ -378,7 +379,7 @@ startup_tricks(FState *st)`
`378`	`379`	`encrypt_counter(st,buf+CIPH_BLOCK);`
`379`	`380`	`md_update(&st->pool[i],buf,BLOCK);`
`380`	`381`	`}`
`381`		`-memset(buf,0,BLOCK);`
	`382`	`+px_memset(buf,0,BLOCK);`
`382`	`383`
`383`	`384`	`/* Hide the key. */`
`384`	`385`	`rekey(st);`

`‎contrib/pgcrypto/internal-sha2.c`

Lines changed: 4 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -84,7 +84,7 @@ int_sha224_free(PX_MD *h)`
`84`	`84`	`{`
`85`	`85`	`SHA224_CTXctx= (SHA224_CTX)h->p.ptr;`
`86`	`86`
`87`		`-memset(ctx,0,sizeof(*ctx));`
	`87`	`+px_memset(ctx,0,sizeof(*ctx));`
`88`	`88`	`px_free(ctx);`
`89`	`89`	`px_free(h);`
`90`	`90`	`}`
`@@ -132,7 +132,7 @@ int_sha256_free(PX_MD *h)`
`132`	`132`	`{`
`133`	`133`	`SHA256_CTXctx= (SHA256_CTX)h->p.ptr;`
`134`	`134`
`135`		`-memset(ctx,0,sizeof(*ctx));`
	`135`	`+px_memset(ctx,0,sizeof(*ctx));`
`136`	`136`	`px_free(ctx);`
`137`	`137`	`px_free(h);`
`138`	`138`	`}`
`@@ -180,7 +180,7 @@ int_sha384_free(PX_MD *h)`
`180`	`180`	`{`
`181`	`181`	`SHA384_CTXctx= (SHA384_CTX)h->p.ptr;`
`182`	`182`
`183`		`-memset(ctx,0,sizeof(*ctx));`
	`183`	`+px_memset(ctx,0,sizeof(*ctx));`
`184`	`184`	`px_free(ctx);`
`185`	`185`	`px_free(h);`
`186`	`186`	`}`
`@@ -228,7 +228,7 @@ int_sha512_free(PX_MD *h)`
`228`	`228`	`{`
`229`	`229`	`SHA512_CTXctx= (SHA512_CTX)h->p.ptr;`
`230`	`230`
`231`		`-memset(ctx,0,sizeof(*ctx));`
	`231`	`+px_memset(ctx,0,sizeof(*ctx));`
`232`	`232`	`px_free(ctx);`
`233`	`233`	`px_free(h);`
`234`	`234`	`}`

`‎contrib/pgcrypto/internal.c`

Lines changed: 5 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -142,7 +142,7 @@ int_md5_free(PX_MD *h)`
`142`	`142`	`{`
`143`	`143`	`MD5_CTXctx= (MD5_CTX)h->p.ptr;`
`144`	`144`
`145`		`-memset(ctx,0,sizeof(*ctx));`
	`145`	`+px_memset(ctx,0,sizeof(*ctx));`
`146`	`146`	`px_free(ctx);`
`147`	`147`	`px_free(h);`
`148`	`148`	`}`
`@@ -190,7 +190,7 @@ int_sha1_free(PX_MD *h)`
`190`	`190`	`{`
`191`	`191`	`SHA1_CTXctx= (SHA1_CTX)h->p.ptr;`
`192`	`192`
`193`		`-memset(ctx,0,sizeof(*ctx));`
	`193`	`+px_memset(ctx,0,sizeof(*ctx));`
`194`	`194`	`px_free(ctx);`
`195`	`195`	`px_free(h);`
`196`	`196`	`}`
`@@ -265,7 +265,7 @@ intctx_free(PX_Cipher *c)`
`265`	`265`
`266`	`266`	`if (cx)`
`267`	`267`	`{`
`268`		`-memset(cx,0,sizeof*cx);`
	`268`	`+px_memset(cx,0,sizeof*cx);`
`269`	`269`	`px_free(cx);`
`270`	`270`	`}`
`271`	`271`	`px_free(c);`
`@@ -658,7 +658,7 @@ system_reseed(void)`
`658`	`658`	`skip=buf[0] >=SYSTEM_RESEED_CHANCE;`
`659`	`659`	`}`
`660`	`660`	`/* clear 1 byte */`
`661`		`-memset(buf,0,sizeof(buf));`
	`661`	`+px_memset(buf,0,sizeof(buf));`
`662`	`662`
`663`	`663`	`if (skip)`
`664`	`664`	`return;`
`@@ -668,7 +668,7 @@ system_reseed(void)`
`668`	`668`	`fortuna_add_entropy(buf,n);`
`669`	`669`
`670`	`670`	`seed_time=t;`
`671`		`-memset(buf,0,sizeof(buf));`
	`671`	`+px_memset(buf,0,sizeof(buf));`
`672`	`672`	`}`
`673`	`673`
`674`	`674`	`int`

`‎contrib/pgcrypto/mbuf.c`

Lines changed: 6 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -69,7 +69,7 @@ mbuf_free(MBuf *mbuf)`
`69`	`69`	`{`
`70`	`70`	`if (mbuf->own_data)`
`71`	`71`	`{`
`72`		`-memset(mbuf->data,0,mbuf->buf_end-mbuf->data);`
	`72`	`+px_memset(mbuf->data,0,mbuf->buf_end-mbuf->data);`
`73`	`73`	`px_free(mbuf->data);`
`74`	`74`	`}`
`75`	`75`	`px_free(mbuf);`
`@@ -249,11 +249,11 @@ pullf_free(PullFilter *pf)`
`249`	`249`
`250`	`250`	`if (pf->buf)`
`251`	`251`	`{`
`252`		`-memset(pf->buf,0,pf->buflen);`
	`252`	`+px_memset(pf->buf,0,pf->buflen);`
`253`	`253`	`px_free(pf->buf);`
`254`	`254`	`}`
`255`	`255`
`256`		`-memset(pf,0,sizeof(*pf));`
	`256`	`+px_memset(pf,0,sizeof(*pf));`
`257`	`257`	`px_free(pf);`
`258`	`258`	`}`
`259`	`259`
`@@ -298,7 +298,7 @@ pullf_read_max(PullFilter pf, int len, uint8 data_p, uint8 tmpbuf)`
`298`	`298`	`if (res<0)`
`299`	`299`	`{`
`300`	`300`	`/* so the caller must clear only on success */`
`301`		`-memset(tmpbuf,0,total);`
	`301`	`+px_memset(tmpbuf,0,total);`
`302`	`302`	`returnres;`
`303`	`303`	`}`
`304`	`304`	`if (res==0)`
`@@ -415,11 +415,11 @@ pushf_free(PushFilter *mp)`
`415`	`415`
`416`	`416`	`if (mp->buf)`
`417`	`417`	`{`
`418`		`-memset(mp->buf,0,mp->block_size);`
	`418`	`+px_memset(mp->buf,0,mp->block_size);`
`419`	`419`	`px_free(mp->buf);`
`420`	`420`	`}`
`421`	`421`
`422`		`-memset(mp,0,sizeof(*mp));`
	`422`	`+px_memset(mp,0,sizeof(*mp));`
`423`	`423`	`px_free(mp);`
`424`	`424`	`}`
`425`	`425`

`‎contrib/pgcrypto/openssl.c`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -142,7 +142,7 @@ EVP_MD_CTX_init(EVP_MD_CTX *ctx)`
`142`	`142`	`staticint`
`143`	`143`	`EVP_MD_CTX_cleanup(EVP_MD_CTX*ctx)`
`144`	`144`	`{`
`145`		`-memset(ctx,0,sizeof(*ctx));`
	`145`	`+px_memset(ctx,0,sizeof(*ctx));`
`146`	`146`	`return1;`
`147`	`147`	`}`
`148`	`148`
`@@ -381,7 +381,7 @@ gen_ossl_free(PX_Cipher *c)`
`381`	`381`	`{`
`382`	`382`	`ossldataod= (ossldata)c->ptr;`
`383`	`383`
`384`		`-memset(od,0,sizeof(*od));`
	`384`	`+px_memset(od,0,sizeof(*od));`
`385`	`385`	`px_free(od);`
`386`	`386`	`px_free(c);`
`387`	`387`	`}`

`‎contrib/pgcrypto/pgp-cfb.c`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -84,7 +84,7 @@ void`
`84`	`84`	`pgp_cfb_free(PGP_CFB*ctx)`
`85`	`85`	`{`
`86`	`86`	`px_cipher_free(ctx->ciph);`
`87`		`-memset(ctx,0,sizeof(*ctx));`
	`87`	`+px_memset(ctx,0,sizeof(*ctx));`
`88`	`88`	`px_free(ctx);`
`89`	`89`	`}`
`90`	`90`

`‎contrib/pgcrypto/pgp-compress.c`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -174,7 +174,7 @@ compress_free(void *priv)`
`174`	`174`	`structZipStat*st=priv;`
`175`	`175`
`176`	`176`	`deflateEnd(&st->stream);`
`177`		`-memset(st,0,sizeof(*st));`
	`177`	`+px_memset(st,0,sizeof(*st));`
`178`	`178`	`px_free(st);`
`179`	`179`	`}`
`180`	`180`
`@@ -297,7 +297,7 @@ decompress_free(void *priv)`
`297`	`297`	`structDecomprData*dec=priv;`
`298`	`298`
`299`	`299`	`inflateEnd(&dec->stream);`
`300`		`-memset(dec,0,sizeof(*dec));`
	`300`	`+px_memset(dec,0,sizeof(*dec));`
`301`	`301`	`px_free(dec);`
`302`	`302`	`}`
`303`	`303`

`‎contrib/pgcrypto/pgp-decrypt.c`

Lines changed: 10 additions & 9 deletions

Original file line number	Diff line number	Diff line change
`@@ -210,7 +210,7 @@ pktreader_free(void *priv)`
`210`	`210`	`{`
`211`	`211`	`structPktData*pkt=priv;`
`212`	`212`
`213`		`-memset(pkt,0,sizeof(*pkt));`
	`213`	`+px_memset(pkt,0,sizeof(*pkt));`
`214`	`214`	`px_free(pkt);`
`215`	`215`	`}`
`216`	`216`
`@@ -257,7 +257,7 @@ prefix_init(void *priv_p, void arg, PullFilter *src)`
`257`	`257`	`if (res!=len+2)`
`258`	`258`	`{`
`259`	`259`	`px_debug("prefix_init: short read");`
`260`		`-memset(tmpbuf,0,sizeof(tmpbuf));`
	`260`	`+px_memset(tmpbuf,0,sizeof(tmpbuf));`
`261`	`261`	`returnPXE_PGP_CORRUPT_DATA;`
`262`	`262`	`}`
`263`	`263`
`@@ -280,7 +280,7 @@ prefix_init(void *priv_p, void arg, PullFilter *src)`
`280`	`280`	`*/`
`281`	`281`	`ctx->corrupt_prefix=1;`
`282`	`282`	`}`
`283`		`-memset(tmpbuf,0,sizeof(tmpbuf));`
	`283`	`+px_memset(tmpbuf,0,sizeof(tmpbuf));`
`284`	`284`	`return0;`
`285`	`285`	`}`
`286`	`286`
`@@ -395,8 +395,8 @@ mdc_finish(PGP_Context ctx, PullFilter src,`
`395`	`395`	`*/`
`396`	`396`	`px_md_finish(ctx->mdc_ctx,hash);`
`397`	`397`	`res=memcmp(hash,*data_p,20);`
`398`		`-memset(hash,0,20);`
`399`		`-memset(tmpbuf,0,sizeof(tmpbuf));`
	`398`	`+px_memset(hash,0,20);`
	`399`	`+px_memset(tmpbuf,0,sizeof(tmpbuf));`
`400`	`400`	`if (res!=0)`
`401`	`401`	`{`
`402`	`402`	`px_debug("mdc_finish: mdc failed");`
`@@ -493,7 +493,7 @@ mdcbuf_finish(struct MDCBufData * st)`
`493`	`493`	`px_md_update(st->ctx->mdc_ctx,st->mdc_buf,2);`
`494`	`494`	`px_md_finish(st->ctx->mdc_ctx,hash);`
`495`	`495`	`res=memcmp(hash,st->mdc_buf+2,20);`
`496`		`-memset(hash,0,20);`
	`496`	`+px_memset(hash,0,20);`
`497`	`497`	`if (res)`
`498`	`498`	`{`
`499`	`499`	`px_debug("mdcbuf_finish: MDC does not match");`
`@@ -593,7 +593,7 @@ mdcbuf_free(void *priv)`
`593`	`593`
`594`	`594`	`px_md_free(st->ctx->mdc_ctx);`
`595`	`595`	`st->ctx->mdc_ctx=NULL;`
`596`		`-memset(st,0,sizeof(*st));`
	`596`	`+px_memset(st,0,sizeof(*st));`
`597`	`597`	`px_free(st);`
`598`	`598`	`}`
`599`	`599`
`@@ -703,7 +703,7 @@ parse_symenc_sesskey(PGP_Context ctx, PullFilter src)`
`703`	`703`	`res=decrypt_key(ctx,p,res);`
`704`	`704`	`}`
`705`	`705`
`706`		`-memset(tmpbuf,0,sizeof(tmpbuf));`
	`706`	`+px_memset(tmpbuf,0,sizeof(tmpbuf));`
`707`	`707`	`returnres;`
`708`	`708`	`}`
`709`	`709`
`@@ -753,6 +753,7 @@ copy_crlf(MBuf dst, uint8 data, int len, int *got_cr)`
`753`	`753`	`if (res<0)`
`754`	`754`	`returnres;`
`755`	`755`	`}`
	`756`	`+px_memset(tmpbuf,0,sizeof(tmpbuf));`
`756`	`757`	`return0;`
`757`	`758`	`}`
`758`	`759`
`@@ -792,7 +793,7 @@ parse_literal_data(PGP_Context ctx, MBuf dst, PullFilter *pkt)`
`792`	`793`	`px_debug("parse_literal_data: unexpected eof");`
`793`	`794`	`returnPXE_PGP_CORRUPT_DATA;`
`794`	`795`	`}`
`795`		`-memset(tmpbuf,0,4);`
	`796`	`+px_memset(tmpbuf,0,4);`
`796`	`797`
`797`	`798`	`/* check if text */`
`798`	`799`	`if (ctx->text_mode)`

`‎contrib/pgcrypto/pgp-encrypt.c`

Lines changed: 5 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -128,7 +128,7 @@ mdc_flush(PushFilter dst, void priv)`
`128`	`128`	`px_md_finish(md,pkt+2);`
`129`	`129`
`130`	`130`	`res=pushf_write(dst,pkt,2+MDC_DIGEST_LEN);`
`131`		`-memset(pkt,0,2+MDC_DIGEST_LEN);`
	`131`	`+px_memset(pkt,0,2+MDC_DIGEST_LEN);`
`132`	`132`	`returnres;`
`133`	`133`	`}`
`134`	`134`
`@@ -217,7 +217,7 @@ encrypt_free(void *priv)`
`217`	`217`	`{`
`218`	`218`	`structEncStat*st=priv;`
`219`	`219`
`220`		`-memset(st,0,sizeof(*st));`
	`220`	`+px_memset(st,0,sizeof(*st));`
`221`	`221`	`px_free(st);`
`222`	`222`	`}`
`223`	`223`
`@@ -299,7 +299,7 @@ pkt_stream_free(void *priv)`
`299`	`299`	`{`
`300`	`300`	`structPktStreamStat*st=priv;`
`301`	`301`
`302`		`-memset(st,0,sizeof(*st));`
	`302`	`+px_memset(st,0,sizeof(*st));`
`303`	`303`	`px_free(st);`
`304`	`304`	`}`
`305`	`305`
`@@ -490,7 +490,7 @@ write_prefix(PGP_Context ctx, PushFilter dst)`
`490`	`490`	`prefix[bs+1]=prefix[bs-1];`
`491`	`491`
`492`	`492`	`res=pushf_write(dst,prefix,bs+2);`
`493`		`-memset(prefix,0,bs+2);`
	`493`	`+px_memset(prefix,0,bs+2);`
`494`	`494`	`returnres<0 ?res :0;`
`495`	`495`	`}`
`496`	`496`
`@@ -552,7 +552,7 @@ write_symenc_sesskey(PGP_Context ctx, PushFilter dst)`
`552`	`552`	`if (res >=0)`
`553`	`553`	`res=pushf_write(dst,pkt,pktlen);`
`554`	`554`
`555`		`-memset(pkt,0,pktlen);`
	`555`	`+px_memset(pkt,0,pktlen);`
`556`	`556`	`returnres;`
`557`	`557`	`}`
`558`	`558`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit9fe5525

File tree

22 files changed

22 files changed

`‎contrib/pgcrypto/crypt-blowfish.c`

`‎contrib/pgcrypto/crypt-md5.c`

`‎contrib/pgcrypto/fortuna.c`

`‎contrib/pgcrypto/internal-sha2.c`

`‎contrib/pgcrypto/internal.c`

`‎contrib/pgcrypto/mbuf.c`

`‎contrib/pgcrypto/openssl.c`

`‎contrib/pgcrypto/pgp-cfb.c`

`‎contrib/pgcrypto/pgp-compress.c`

`‎contrib/pgcrypto/pgp-decrypt.c`

`‎contrib/pgcrypto/pgp-encrypt.c`

0 commit comments