diff options
author | Daniel Mack <github@zonque.org> | 2015-11-03 07:15:44 +0100 |
---|---|---|
committer | Daniel Mack <github@zonque.org> | 2015-11-03 07:15:44 +0100 |
commit | a31afe1a18cca840046d976a637c7918ec6f5fe2 (patch) | |
tree | 11fd3c0d57bcae37069117036904fe3a8c7f7209 /src/basic/string-util.c | |
parent | 3342582deb95b6e364541435654eb8f6fa320f40 (diff) | |
parent | 2c1a55cf3fe78bcf728f73487813ddd3ee020a98 (diff) |
Merge pull request #1758 from poettering/varietygalore
A grab bag of stuff
Diffstat (limited to 'src/basic/string-util.c')
-rw-r--r-- | src/basic/string-util.c | 31 |
1 files changed, 23 insertions, 8 deletions
diff --git a/src/basic/string-util.c b/src/basic/string-util.c index 63b9b79df9..c3be576816 100644 --- a/src/basic/string-util.c +++ b/src/basic/string-util.c @@ -748,23 +748,38 @@ int free_and_strdup(char **p, const char *s) { return 1; } -void string_erase(char *x) { +#pragma GCC push_options +#pragma GCC optimize("O0") + +void* memory_erase(void *p, size_t l) { + volatile uint8_t* x = (volatile uint8_t*) p; + + /* This basically does what memset() does, but hopefully isn't + * optimized away by the compiler. One of those days, when + * glibc learns memset_s() we should replace this call by + * memset_s(), but until then this has to do. */ + + for (; l > 0; l--) + *(x++) = 'x'; + + return p; +} + +#pragma GCC pop_options + +char* string_erase(char *x) { if (!x) - return; + return NULL; /* A delicious drop of snake-oil! To be called on memory where * we stored passphrases or so, after we used them. */ - memory_erase(x, strlen(x)); + return memory_erase(x, strlen(x)); } char *string_free_erase(char *s) { - if (!s) - return NULL; - - string_erase(s); - return mfree(s); + return mfree(string_erase(s)); } bool string_is_safe(const char *p) { |