aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlberto Aguirre <albaguirre@gmail.com>2018-03-02 15:01:01 -0600
committerAndreas Schneider <asn@cryptomilk.org>2018-03-11 22:58:49 +0100
commit7e1e0e5098beeaf926dc53e35f9e9f35915d5515 (patch)
tree72baae65d5b8546e2c3885b2d0c3fb7bb31d07fc
parent3fa0e3959ced18fcc2d6e31c55ae658ba9bc43c5 (diff)
downloadlibssh-7e1e0e5098beeaf926dc53e35f9e9f35915d5515.tar.gz
libssh-7e1e0e5098beeaf926dc53e35f9e9f35915d5515.tar.xz
libssh-7e1e0e5098beeaf926dc53e35f9e9f35915d5515.zip
misc: Use SecureZeroMemory if available for explicit_bzero
Useful on Windows platforms where SecureZeroMemory is available. Signed-off-by: Alberto Aguirre <albaguirre@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
-rw-r--r--ConfigureChecks.cmake2
-rw-r--r--config.h.cmake3
-rw-r--r--src/misc.c2
3 files changed, 7 insertions, 0 deletions
diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake
index f495faf0..fc42d982 100644
--- a/ConfigureChecks.cmake
+++ b/ConfigureChecks.cmake
@@ -180,6 +180,8 @@ if (WIN32)
check_function_exists(_strtoui64 HAVE__STRTOUI64)
set(HAVE_SELECT TRUE)
+
+ check_symbol_exists(SecureZeroMemory "windows.h" HAVE_SECURE_ZERO_MEMORY)
else (WIN32)
check_function_exists(poll HAVE_POLL)
check_function_exists(select HAVE_SELECT)
diff --git a/config.h.cmake b/config.h.cmake
index dea776ed..3a14b450 100644
--- a/config.h.cmake
+++ b/config.h.cmake
@@ -166,6 +166,9 @@
/* Define to 1 if you have the `memset_s' function. */
#cmakedefine HAVE_MEMSET_S 1
+/* Define to 1 if you have the `SecureZeroMemory' function. */
+#cmakedefine HAVE_SECURE_ZERO_MEMORY 1
+
/*************************** LIBRARIES ***************************/
/* Define to 1 if you have the `crypto' library (-lcrypto). */
diff --git a/src/misc.c b/src/misc.c
index c7b34f26..9f424281 100644
--- a/src/misc.c
+++ b/src/misc.c
@@ -1057,6 +1057,8 @@ void explicit_bzero(void *s, size_t n)
{
#if defined(HAVE_MEMSET_S)
memset_s(s, n, '\0', n);
+#elif defined(HAVE_SECURE_ZERO_MEMORY)
+ SecureZeroMemory(s, n);
#else
memset(s, '\0', n);
#if defined(HAVE_GCC_VOLATILE_MEMORY_PROTECTION)