LibCrypto: Use explicit_bzero instead of memset to zero 'secure data'

PVS-Studio flagged this, as memset can be optimized away by the compiler in some cases. We obviously don't want that to ever happen so make sure to always use `explicit_bzero(..)` which can't be optimized away.
Author: https://github.com/bgianfo Commit: https://github.com/SerenityOS/serenity/commit/27a124f7d88 Pull-request: https://github.com/SerenityOS/serenity/pull/9972 Reviewed-by: https://github.com/awesomekling Reviewed-by: https://github.com/petelliott
2024-11-13 11:42:38 +03:00 · 2021-09-11 09:49:47 -07:00 · 2021-09-11 09:49:47 -07:00 · 27a124f7d8 · 2024-07-18 04:08:32 +09:00
commit 27a124f7d8
parent 3590c55b69
2 changed files with 4 additions and 2 deletions
--- a/Userland/Libraries/LibCrypto/Hash/MD5.cpp
+++ b/Userland/Libraries/LibCrypto/Hash/MD5.cpp
@ -6,6 +6,7 @@

 #include <AK/Types.h>
 #include <LibCrypto/Hash/MD5.h>
+#include <string.h>

 static constexpr u32 F(u32 x, u32 y, u32 z) { return (x & y) | ((~x) & z); };
 static constexpr u32 G(u32 x, u32 y, u32 z) { return (x & z) | ((~z) & y); };
@ -199,7 +200,7 @@ void MD5::transform(const u8* block)
    m_C += c;
    m_D += d;

-    __builtin_memset(x, 0, sizeof(x));
+    explicit_bzero(x, sizeof(x));
 }

 }
--- a/Userland/Libraries/LibCrypto/Hash/SHA1.cpp
+++ b/Userland/Libraries/LibCrypto/Hash/SHA1.cpp
@ -7,6 +7,7 @@
 #include <AK/Endian.h>
 #include <AK/Types.h>
 #include <LibCrypto/Hash/SHA1.h>
+#include <string.h>

 namespace Crypto {
 namespace Hash {
@ -63,7 +64,7 @@ inline void SHA1::transform(const u8* data)
    c = 0;
    d = 0;
    e = 0;
-    __builtin_memset(blocks, 0, 16 * sizeof(u32));
+    explicit_bzero(blocks, 16 * sizeof(u32));
 }

 void SHA1::update(const u8* message, size_t length)