aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ConfigureChecks.cmake12
-rw-r--r--config.h.cmake2
-rw-r--r--include/libssh/priv.h37
3 files changed, 49 insertions, 2 deletions
diff --git a/ConfigureChecks.cmake b/ConfigureChecks.cmake
index fa561d1a..001dfd68 100644
--- a/ConfigureChecks.cmake
+++ b/ConfigureChecks.cmake
@@ -181,6 +181,18 @@ int main(void) {
return 0;
}" HAVE_MSC_THREAD_LOCAL_STORAGE)
+check_c_source_compiles("
+#include <string.h>
+
+int main(void)
+{
+ char buf[] = \"This is some content\";
+
+ memset(buf, '\\\\0', sizeof(buf)); __asm__ volatile(\"\" : : \"r\"(&buf) : \"memory\");
+
+ return 0;
+}" HAVE_GCC_VOLATILE_MEMORY_PROTECTION)
+
if (WITH_DEBUG_CRYPTO)
set(DEBUG_CRYPTO 1)
endif (WITH_DEBUG_CRYPTO)
diff --git a/config.h.cmake b/config.h.cmake
index 16c60529..18d82e4b 100644
--- a/config.h.cmake
+++ b/config.h.cmake
@@ -126,6 +126,8 @@
#cmakedefine HAVE_GCC_THREAD_LOCAL_STORAGE 1
#cmakedefine HAVE_MSC_THREAD_LOCAL_STORAGE 1
+#cmakedefine HAVE_GCC_VOLATILE_MEMORY_PROTECTION 1
+
/* Define to 1 if you want to enable GSSAPI */
#cmakedefine WITH_GSSAPI 1
diff --git a/include/libssh/priv.h b/include/libssh/priv.h
index abf307ad..44806ab6 100644
--- a/include/libssh/priv.h
+++ b/include/libssh/priv.h
@@ -137,6 +137,17 @@ int gettimeofday(struct timeval *__p, void *__t);
# define LIBSSH_THREAD
#endif
+/*
+ * This makes sure that the compiler doesn't optimize out the code
+ *
+ * Use it in a macro where the provided variable is 'x'.
+ */
+#if defined(HAVE_GCC_VOLATILE_MEMORY_PROTECTION)
+# define LIBSSH_MEM_PROTECTION __asm__ volatile("" : : "r"(&(x)) : "memory")
+#else
+# define LIBSSH_MEM_PROTECTION
+#endif
+
#ifdef HAVE_SYS_TIME_H
#include <sys/time.h>
#endif
@@ -226,11 +237,33 @@ int match_hostname(const char *host, const char *pattern, unsigned int len);
/** Get the size of an array */
#define ARRAY_SIZE(a) (sizeof(a)/sizeof(a[0]))
+/*
+ * See http://llvm.org/bugs/show_bug.cgi?id=15495
+ */
+#if defined(HAVE_GCC_VOLATILE_MEMORY_PROTECTION)
+/** Overwrite a string with '\0' */
+# define BURN_STRING(x) do { \
+ if ((x) != NULL) \
+ memset((x), '\0', strlen((x))); __asm__ volatile("" : : "r"(&(x)) : "memory"); \
+ } while(0)
+
+/** Overwrite the buffer with '\0' */
+# define BURN_BUFFER(x, size) do { \
+ if ((x) != NULL) \
+ memset((x), '\0', (size))); __asm__ volatile("" : : "r"(&(x)) : "memory"); \
+ } while(0)
+#else /* HAVE_GCC_VOLATILE_MEMORY_PROTECTION */
/** Overwrite a string with '\0' */
-#define BURN_STRING(x) do { if ((x) != NULL) memset((x), '\0', strlen((x))); __asm__ volatile ("" : : : "memory"); } while(0)
+# define BURN_STRING(x) do { \
+ if ((x) != NULL) memset((x), '\0', strlen((x))); \
+ } while(0)
/** Overwrite the buffer with '\0' */
-#define BURN_BUFFER(x, size) do { if ((x) != NULL) memset((x), '\0', (size))); __asm__ volatile ("") : : : "memory"; } while(0)
+# define BURN_BUFFER(x, size) do { \
+ if ((x) != NULL) \
+ memset((x), '\0', (size))); __asm__ volatile("" : : "r"(&(x)) : "memory"); \
+ } while(0)
+#endif /* HAVE_GCC_VOLATILE_MEMORY_PROTECTION */
/**
* This is a hack to fix warnings. The idea is to use this everywhere that we