-/* $OpenBSD: explicit_bzero.c,v 1.6 2014/07/11 01:10:35 matthew Exp $ */
+/* $OpenBSD: explicit_bzero.c,v 1.7 2021/03/27 11:17:58 bcook Exp $ */
/*
* Copyright (c) 2014 Google Inc.
*
#include <assert.h>
#include <errno.h>
#include <signal.h>
+#include <stdlib.h>
#include <string.h>
#include <unistd.h>
SECRETBYTES = SECRETCOUNT * sizeof(secret)
};
-static char altstack[SIGSTKSZ + SECRETBYTES];
+/*
+ * As of glibc 2.34, when _GNU_SOURCE is defined, SIGSTKSZ is no longer
+ * constant on Linux. SIGSTKSZ is redefined to sysconf (_SC_SIGSTKSZ).
+ */
+static char *altstack;
+#define ALTSTACK_SIZE (SIGSTKSZ + SECRETBYTES)
static void
setup_stack(void)
{
+ altstack = calloc(1, ALTSTACK_SIZE);
+ ASSERT_NE(NULL, altstack);
+
const stack_t sigstk = {
.ss_sp = altstack,
- .ss_size = sizeof(altstack),
+ .ss_size = ALTSTACK_SIZE
};
ASSERT_EQ(0, sigaltstack(&sigstk, NULL));
}
+static void
+cleanup_stack(void)
+{
+ free(altstack);
+}
+
static void
assert_on_stack(void)
{
char buf[SECRETBYTES];
assert_on_stack();
populate_secret(buf, sizeof(buf));
- char *res = memmem(altstack, sizeof(altstack), buf, sizeof(buf));
+ char *res = memmem(altstack, ALTSTACK_SIZE, buf, sizeof(buf));
ASSERT_NE(NULL, res);
return (res);
}
char buf[SECRETBYTES];
assert_on_stack();
populate_secret(buf, sizeof(buf));
- char *res = memmem(altstack, sizeof(altstack), buf, sizeof(buf));
+ char *res = memmem(altstack, ALTSTACK_SIZE, buf, sizeof(buf));
ASSERT_NE(NULL, res);
explicit_bzero(buf, sizeof(buf));
return (res);
* on the stack. This sanity checks that call_on_stack() and
* populate_secret() work as intended.
*/
- memset(altstack, 0, sizeof(altstack));
+ memset(altstack, 0, ALTSTACK_SIZE);
call_on_stack(do_test_without_bzero);
/*
* Now test with a call to explicit_bzero() and check that we
* *don't* find any instances of the secret data.
*/
- memset(altstack, 0, sizeof(altstack));
+ memset(altstack, 0, ALTSTACK_SIZE);
call_on_stack(do_test_with_bzero);
+ cleanup_stack();
+
return (0);
}
projects / openbsd / commitdiff