svn commit: r332395 - head/sys/kern
Ian Lepore
ian at FreeBSD.org
Tue Apr 10 22:57:57 UTC 2018
Author: ian
Date: Tue Apr 10 22:57:56 2018
New Revision: 332395
URL: https://svnweb.freebsd.org/changeset/base/332395
Log:
Use explicit_bzero() when cleaning values out of the kernel environment.
Sometimes the values contain geli passphrases being communicated from
loader(8) to the kernel, and some day the compiler may decide to start
eliding calls to memset() for a pointer which is not dereferenced again
before being passed to free().
Modified:
head/sys/kern/kern_environment.c
Modified: head/sys/kern/kern_environment.c
==============================================================================
--- head/sys/kern/kern_environment.c Tue Apr 10 22:32:31 2018 (r332394)
+++ head/sys/kern/kern_environment.c Tue Apr 10 22:57:56 2018 (r332395)
@@ -289,7 +289,7 @@ init_dynamic_kenv(void *data __unused)
if (i < KENV_SIZE) {
kenvp[i] = malloc(len, M_KENV, M_WAITOK);
strcpy(kenvp[i++], cp);
- memset(cp, 0, strlen(cp));
+ explicit_bzero(cp, strlen(cp));
} else
printf(
"WARNING: too many kenv strings, ignoring %s\n",
@@ -308,7 +308,7 @@ freeenv(char *env)
{
if (dynamic_kenv && env != NULL) {
- memset(env, 0, strlen(env));
+ explicit_bzero(env, strlen(env));
free(env, M_KENV);
}
}
@@ -486,7 +486,7 @@ kern_unsetenv(const char *name)
kenvp[i++] = kenvp[j];
kenvp[i] = NULL;
mtx_unlock(&kenv_lock);
- memset(oldenv, 0, strlen(oldenv));
+ explicit_bzero(oldenv, strlen(oldenv));
free(oldenv, M_KENV);
return (0);
}
More information about the svn-src-head
mailing list