libgcrypt: Use memset_explicit (of C23) to wipe memory
Open, WishlistPublic
Actions

Assigned To

None

Authored By

	• gniibe
	Fri, Apr 17, 8:38 AM

Description

In GNU C library 2.43, memset_explicit is added.
It should be used if available for libgcrypt.

Event Timeline

Here is the change:

diff --git a/configure.ac b/configure.ac
index 30be86b5..ac2696e5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3073,7 +3073,8 @@ AC_CHECK_FUNCS(strtoul memmove stricmp atexit raise)
 AC_CHECK_FUNCS(strerror rand mmap getpagesize sysconf waitpid wait4)
 AC_CHECK_FUNCS(gettimeofday getrusage gethrtime clock_gettime syslog)
 AC_CHECK_FUNCS(syscall fcntl ftruncate flockfile getauxval elf_aux_info)
-AC_CHECK_FUNCS(explicit_bzero explicit_memset getentropy sysctlbyname)
+AC_CHECK_FUNCS(memset_explicit explicit_bzero explicit_memset)
+AC_CHECK_FUNCS(getentropy sysctlbyname)
 
 GNUPG_CHECK_MLOCK
 
diff --git a/src/misc.c b/src/misc.c
index 3c6fe931..e0c06a5d 100644
--- a/src/misc.c
+++ b/src/misc.c
@@ -549,7 +549,9 @@ _gcry_fast_wipememory (void *ptr, size_t len)
      - [_WIN32/mingw32] SecureZeroMemory; Inline function, equivalent to
        volatile byte buffer set: while(buflen--) (volatile char *)(buf++)=set;
    */
-#ifdef HAVE_EXPLICIT_BZERO
+#ifdef HAVE_MEMSET_EXPLICIT
+  memset_explicit (ptr, 0, len);
+#elif defined(HAVE_EXPLICIT_BZERO)
   explicit_bzero (ptr, len);
 #elif defined(HAVE_EXPLICIT_MEMSET)
   explicit_memset (ptr, 0, len);

• gniibe mentioned this in Unknown Object (Maniphest Task).Mon, Apr 20, 9:40 AM

libgcrypt: Use memset_explicit (of C23) to wipe memoryOpen, WishlistPublicActions

Description

Event Timeline

libgcrypt: Use memset_explicit (of C23) to wipe memory
Open, WishlistPublic
Actions