mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-30 01:24:21 +01:00
Use plain memset() for freshly allocated objects
This commits reverts to plain memset() for cases like: some_type foo; memset( &foo, 0, sizeof( foo ) ); (Sometimes there is code between declaration in memset(), but it doesn't matter as long as it doesn't touch foo.) The reasoning is the same as in the previous commit: the stack shouldn't contain sensitive data as we carefully wipe it after use.
This commit is contained in:
parent
994193326b
commit
54526c3c89
@ -391,7 +391,7 @@ int mbedtls_asn1_get_alg_null( unsigned char **p,
|
|||||||
int ret;
|
int ret;
|
||||||
mbedtls_asn1_buf params;
|
mbedtls_asn1_buf params;
|
||||||
|
|
||||||
mbedtls_platform_memset( ¶ms, 0, sizeof(mbedtls_asn1_buf) );
|
memset( ¶ms, 0, sizeof(mbedtls_asn1_buf) );
|
||||||
|
|
||||||
if( ( ret = mbedtls_asn1_get_alg( p, end, alg, ¶ms ) ) != 0 )
|
if( ( ret = mbedtls_asn1_get_alg( p, end, alg, ¶ms ) ) != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
@ -211,7 +211,7 @@ static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length,
|
|||||||
|
|
||||||
|
|
||||||
/* Start CBC-MAC with first block */
|
/* Start CBC-MAC with first block */
|
||||||
mbedtls_platform_memset( y, 0, 16 );
|
memset( y, 0, 16 );
|
||||||
UPDATE_CBC_MAC;
|
UPDATE_CBC_MAC;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -370,7 +370,7 @@ int mbedtls_entropy_func( void *data, unsigned char *output, size_t len )
|
|||||||
}
|
}
|
||||||
while( ! done );
|
while( ! done );
|
||||||
|
|
||||||
mbedtls_platform_memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
|
memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
|
||||||
|
|
||||||
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
|
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
|
||||||
/*
|
/*
|
||||||
|
@ -178,7 +178,7 @@ static int hmac_drbg_reseed_core( mbedtls_hmac_drbg_context *ctx,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
mbedtls_platform_memset( seed, 0, MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT );
|
memset( seed, 0, MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT );
|
||||||
|
|
||||||
/* IV. Gather entropy_len bytes of entropy for the seed */
|
/* IV. Gather entropy_len bytes of entropy for the seed */
|
||||||
if( ( ret = ctx->f_entropy( ctx->p_entropy,
|
if( ( ret = ctx->f_entropy( ctx->p_entropy,
|
||||||
|
@ -3376,7 +3376,7 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
|
|||||||
const size_t max_len = rec->data_len + padlen;
|
const size_t max_len = rec->data_len + padlen;
|
||||||
const size_t min_len = ( max_len > 256 ) ? max_len - 256 : 0;
|
const size_t min_len = ( max_len > 256 ) ? max_len - 256 : 0;
|
||||||
|
|
||||||
mbedtls_platform_memset( tmp, 0, sizeof( tmp ) );
|
memset( tmp, 0, sizeof( tmp ) );
|
||||||
|
|
||||||
switch( mbedtls_md_get_type(
|
switch( mbedtls_md_get_type(
|
||||||
mbedtls_md_get_handle( &transform->md_ctx_dec ) ) )
|
mbedtls_md_get_handle( &transform->md_ctx_dec ) ) )
|
||||||
|
@ -943,7 +943,7 @@ int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn )
|
|||||||
const char *short_name = NULL;
|
const char *short_name = NULL;
|
||||||
char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p;
|
char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p;
|
||||||
|
|
||||||
mbedtls_platform_memset( s, 0, sizeof( s ) );
|
memset( s, 0, sizeof( s ) );
|
||||||
|
|
||||||
name = dn;
|
name = dn;
|
||||||
p = buf;
|
p = buf;
|
||||||
|
@ -2271,7 +2271,7 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
|
|||||||
p = buf;
|
p = buf;
|
||||||
n = size;
|
n = size;
|
||||||
|
|
||||||
mbedtls_platform_memset( &sig_info, 0, sizeof( mbedtls_x509_crt_sig_info ) );
|
memset( &sig_info, 0, sizeof( mbedtls_x509_crt_sig_info ) );
|
||||||
mbedtls_pk_init( &pk );
|
mbedtls_pk_init( &pk );
|
||||||
|
|
||||||
if( NULL == crt )
|
if( NULL == crt )
|
||||||
|
Loading…
Reference in New Issue
Block a user