path: root/lib/util/talloc_keep_secret.c
Age | Commit message | Author | Files | Lines
2026-03-25 | lib/util: Overwrite talloc name in talloc_keep_secret() only if it would reveal memory content | Pavel Filipenský | 1 | -1/+7
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
2026-03-25 | Revert "lib/util: Avoid overwriting talloc chunk name in talloc_keep_secret()" | Pavel Filipenský | 1 | -0/+1
This reverts commit 7e693b55730ceba2ef326286a0c68d5d91324a22. Without this commit, for memory allocated via e.g. talloc_strdup(), talloc name would reveal memory content.
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
2025-12-08 | lib/util: Avoid overwriting talloc chunk name in talloc_keep_secret() | Pavel Filipenský | 1 | -1/+0
Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2025-01-02 | replace direct calls to memset_s() with commonly used macros | Michael Tokarev | 1 | -14/+1
Samba provides macros for zeroing various structures in memory, and all code uses them instead of relying on memset_s(). However, a few places use memset_s() directly. Replace these usages with macros for consistency and to be able to replace memset_s() more easily.

A few notes.

Commit 03a50d8f7d872b6ef701d12 "lib:util: Check memset_s() error code in talloc_keep_secret_destructor()" (Aug-2022) added a check for error return from memset_s(). This is the only place in the whole codebase which bothers about doing this. But I have a difficult time figuring out the intention. Was there a real case when this code path is actually executed?

Commit 7658c9bf0a9c99e3f200571 "lib:crypto: Remove redundant array zeroing" (Nov-2023) removed the OTHER line from the two lines used to zero memory in here. Initially the code used both memset_s() *and* ZERO_ARRAY_LEN(), the former has been removed. This change removes the other - memset_s(), reintroducing ZERO_ARRAY_LEN(). Here however, it's probably better to use BURN_PTR instead of ZERO_ARRAY - in this place and a few lines above.

Commit 8dddea2ceda40f2365bd6b1 "lib:talloc: Use memset_s() to avoid the call gets optimized out" (Feb-2024) is a recent commit which introduces memset_s(). However, it does not seem like it makes any difference whatsoever for a testsuite, or that it actually needs to clean up the memory to begin with.

We've quite an assortment of all this memory zeroing stuff. Also it is repeated in replace.h and memory.h (two sets in these files are different but have a big intersection). I'd say, to fix this mess, things from replace.h should be removed in favour of memory.h, and necessary includes added, but this is for the next time.

We also have lots of direct usages of memset_s() in heimdal code.

Cc: Joseph Sutton <josephsutton@catalyst.net.nz>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
2022-09-12 | lib:util: Check memset_s() error code in talloc_keep_secret_destructor() | Joseph Sutton | 1 | -1/+14
Panic if memset_s() fails.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-04-26 | lib: Remove an unused includes.h | Volker Lendecke | 1 | -1/+3
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-03 | lib:util: Add support to keep talloc chunks secret | Andreas Schneider | 1 | -0/+52
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>