From d98d9538446cc9ad300c632394322ced8a8945b0 Mon Sep 17 00:00:00 2001 From: Dmitry Volyntsev Date: Tue, 2 Oct 2018 20:28:10 +0300 Subject: [PATCH] Added nxt_memzero() and nxt_explicit_memzero(). Thanks to David CARLIER. --- njs/njs.c | 4 ++-- njs/njs_crypto.c | 5 +++-- njs/njs_date.c | 4 ++-- njs/njs_function.c | 2 +- njs/njs_shell.c | 4 ++-- njs/test/njs_benchmark.c | 2 +- njs/test/njs_interactive_test.c | 2 +- njs/test/njs_unit_test.c | 4 ++-- nxt/auto/configure | 1 + nxt/auto/explicit_bzero | 40 +++++++++++++++++++++++++++++++++ nxt/nxt_array.c | 3 ++- nxt/nxt_lvlhsh.c | 2 +- nxt/nxt_lvlhsh.h | 2 +- nxt/nxt_md5.c | 7 +++--- nxt/nxt_mem_cache_pool.c | 5 +++-- nxt/nxt_sha1.c | 7 +++--- nxt/nxt_sha2.c | 7 +++--- nxt/nxt_string.h | 15 +++++++++++++ nxt/test/lvlhsh_unit_test.c | 4 ++-- 19 files changed, 91 insertions(+), 29 deletions(-) create mode 100644 nxt/auto/explicit_bzero diff --git a/njs/njs.c b/njs/njs.c index 3771a81e..e63e12f7 100644 --- a/njs/njs.c +++ b/njs/njs.c @@ -28,7 +28,7 @@ njs_zalloc(void *mem, size_t size) p = nxt_malloc(size); if (p != NULL) { - memset(p, 0, size); + nxt_memzero(p, size); } return p; @@ -392,7 +392,7 @@ njs_vm_init(njs_vm_t *vm) return NXT_ERROR; } - memset(frame, 0, NJS_GLOBAL_FRAME_SIZE); + nxt_memzero(frame, NJS_GLOBAL_FRAME_SIZE); vm->top_frame = &frame->native; vm->active_frame = frame; diff --git a/njs/njs_crypto.c b/njs/njs_crypto.c index ef1318b8..74e680a0 100644 --- a/njs/njs_crypto.c +++ b/njs/njs_crypto.c @@ -422,11 +422,12 @@ njs_crypto_create_hmac(njs_vm_t *vm, njs_value_t *args, nxt_uint_t nargs, alg->final(digest, &ctx->u); memcpy(key_buf, digest, alg->size); - memset(key_buf + alg->size, 0, sizeof(key_buf) - alg->size); + nxt_explicit_memzero(key_buf + alg->size, sizeof(key_buf) - alg->size); } else { memcpy(key_buf, key.start, key.length); - memset(key_buf + key.length, 0, sizeof(key_buf) - key.length); + nxt_explicit_memzero(key_buf + key.length, + sizeof(key_buf) - key.length); } for (i = 0; i < 64; i++) { diff --git a/njs/njs_date.c b/njs/njs_date.c index b08c75c9..591e46b8 100644 --- a/njs/njs_date.c +++ b/njs/njs_date.c @@ -81,7 +81,7 @@ njs_date_constructor(njs_vm_t *vm, njs_value_t *args, nxt_uint_t nargs, time = njs_date_string_parse(&args[1]); } else { - memset(values, 0, 8 * sizeof(int64_t)); + nxt_memzero(values, 8 * sizeof(int64_t)); /* Month. */ values[2] = 1; @@ -165,7 +165,7 @@ njs_date_utc(njs_vm_t *vm, njs_value_t *args, nxt_uint_t nargs, time = NAN; if (nargs > 2) { - memset(values, 0, 8 * sizeof(int32_t)); + nxt_memzero(values, 8 * sizeof(int32_t)); n = nxt_min(8, nargs); diff --git a/njs/njs_function.c b/njs/njs_function.c index 96d50d8a..48269fe1 100644 --- a/njs/njs_function.c +++ b/njs/njs_function.c @@ -262,7 +262,7 @@ njs_function_frame_alloc(njs_vm_t *vm, size_t size) vm->stack_size += spare_size; } - memset(frame, 0, sizeof(njs_native_frame_t)); + nxt_memzero(frame, sizeof(njs_native_frame_t)); frame->size = chunk_size; frame->free_size = spare_size - size; diff --git a/njs/njs_shell.c b/njs/njs_shell.c index 7915b8bf..dc083ee0 100644 --- a/njs/njs_shell.c +++ b/njs/njs_shell.c @@ -130,7 +130,7 @@ main(int argc, char **argv) njs_opts_t opts; njs_vm_opt_t vm_options; - memset(&opts, 0, sizeof(njs_opts_t)); + nxt_memzero(&opts, sizeof(njs_opts_t)); opts.interactive = 1; ret = njs_get_options(&opts, argc, argv); @@ -143,7 +143,7 @@ main(int argc, char **argv) return EXIT_SUCCESS; } - memset(&vm_options, 0, sizeof(njs_vm_opt_t)); + nxt_memzero(&vm_options, sizeof(njs_vm_opt_t)); vm_options.accumulative = 1; vm_options.backtrace = 1; diff --git a/njs/test/njs_benchmark.c b/njs/test/njs_benchmark.c index 45c625a4..f28eeda4 100644 --- a/njs/test/njs_benchmark.c +++ b/njs/test/njs_benchmark.c @@ -26,7 +26,7 @@ njs_unit_test_benchmark(nxt_str_t *script, nxt_str_t *result, const char *msg, njs_vm_opt_t options; struct rusage usage; - memset(&options, 0, sizeof(njs_vm_opt_t)); + nxt_memzero(&options, sizeof(njs_vm_opt_t)); vm = NULL; nvm = NULL; diff --git a/njs/test/njs_interactive_test.c b/njs/test/njs_interactive_test.c index 04069abf..f70787f4 100644 --- a/njs/test/njs_interactive_test.c +++ b/njs/test/njs_interactive_test.c @@ -245,7 +245,7 @@ njs_interactive_test(nxt_bool_t verbose) fflush(stdout); } - memset(&options, 0, sizeof(njs_vm_opt_t)); + nxt_memzero(&options, sizeof(njs_vm_opt_t)); options.accumulative = 1; options.backtrace = 1; diff --git a/njs/test/njs_unit_test.c b/njs/test/njs_unit_test.c index ada29e23..259f0bd7 100644 --- a/njs/test/njs_unit_test.c +++ b/njs/test/njs_unit_test.c @@ -10233,7 +10233,7 @@ njs_unit_test(nxt_bool_t disassemble, nxt_bool_t verbose) fflush(stdout); } - memset(&options, 0, sizeof(njs_vm_opt_t)); + nxt_memzero(&options, sizeof(njs_vm_opt_t)); vm = njs_vm_create(&options); if (vm == NULL) { @@ -10380,7 +10380,7 @@ njs_api_test(nxt_bool_t disassemble, nxt_bool_t verbose) rc = NXT_ERROR; vm = NULL; - memset(&options, 0, sizeof(njs_vm_opt_t)); + nxt_memzero(&options, sizeof(njs_vm_opt_t)); for (i = 0; i < nxt_nitems(njs_api_test); i++) { test = &njs_api_test[i]; diff --git a/nxt/auto/configure b/nxt/auto/configure index 9ffb24d4..e0ad6328 100755 --- a/nxt/auto/configure +++ b/nxt/auto/configure @@ -54,6 +54,7 @@ END . ${NXT_AUTO}time . ${NXT_AUTO}memalign . ${NXT_AUTO}getrandom +. ${NXT_AUTO}explicit_bzero . ${NXT_AUTO}pcre . ${NXT_AUTO}editline . ${NXT_AUTO}expect diff --git a/nxt/auto/explicit_bzero b/nxt/auto/explicit_bzero new file mode 100644 index 00000000..d26f0cc3 --- /dev/null +++ b/nxt/auto/explicit_bzero @@ -0,0 +1,40 @@ + +# Copyright (C) Igor Sysoev +# Copyright (C) NGINX, Inc. + + +# Linux (glibc and musl from 1.1.20), OpenBSD, FreeBSD and NetBSD. + +nxt_feature="explicit_bzero()" +nxt_feature_name=NXT_HAVE_EXPLICIT_BZERO +nxt_feature_run=yes +nxt_feature_incs= +nxt_feature_libs= +nxt_feature_test="#include + #include + + int main(void) { + int r; + + explicit_bzero(&r, sizeof(r)); + return 0; + }" +. ${NXT_AUTO}feature + + +if [ $nxt_found = no ]; then + + # NetBSD has explicit_memset instead. + + nxt_feature="explicit_memset()" + nxt_feature_name=NXT_HAVE_EXPLICIT_MEMSET + nxt_feature_test="#include + + int main(void) { + int r; + + explicit_memset(&r, 0, sizeof(r)); + return 0; + }" + . ${NXT_AUTO}feature +fi diff --git a/nxt/nxt_array.c b/nxt/nxt_array.c index ea1cd3cc..6d4ecbdd 100644 --- a/nxt/nxt_array.c +++ b/nxt/nxt_array.c @@ -9,6 +9,7 @@ #include #include #include +#include #include @@ -140,7 +141,7 @@ nxt_array_zero_add(nxt_array_t *array, const nxt_mem_proto_t *proto, void *pool) item = nxt_array_add(array, proto, pool); if (nxt_fast_path(item != NULL)) { - memset(item, 0, array->item_size); + nxt_memzero(item, array->item_size); } return item; diff --git a/nxt/nxt_lvlhsh.c b/nxt/nxt_lvlhsh.c index b0f57473..0b554e55 100644 --- a/nxt/nxt_lvlhsh.c +++ b/nxt/nxt_lvlhsh.c @@ -465,7 +465,7 @@ nxt_lvlhsh_convert_bucket_to_level(nxt_lvlhsh_query_t *lhq, void **slot, return NXT_ERROR; } - memset(lvl, 0, size * (sizeof(void *))); + nxt_memzero(lvl, size * (sizeof(void *))); level = lvl; shift = 0; diff --git a/nxt/nxt_lvlhsh.h b/nxt/nxt_lvlhsh.h index d5d8e709..7bcc8314 100644 --- a/nxt/nxt_lvlhsh.h +++ b/nxt/nxt_lvlhsh.h @@ -176,7 +176,7 @@ typedef struct { #define nxt_lvlhsh_each_init(lhe, _proto) \ do { \ - memset(lhe, 0, sizeof(nxt_lvlhsh_each_t)); \ + nxt_memzero(lhe, sizeof(nxt_lvlhsh_each_t)); \ (lhe)->proto = _proto; \ } while (0) diff --git a/nxt/nxt_md5.c b/nxt/nxt_md5.c index 9957b68b..5382021f 100644 --- a/nxt/nxt_md5.c +++ b/nxt/nxt_md5.c @@ -10,6 +10,7 @@ #include #include #include +#include #include @@ -72,13 +73,13 @@ nxt_md5_final(u_char result[16], nxt_md5_t *ctx) free = 64 - used; if (free < 8) { - memset(&ctx->buffer[used], 0, free); + nxt_memzero(&ctx->buffer[used], free); (void) nxt_md5_body(ctx, ctx->buffer, 64); used = 0; free = 64; } - memset(&ctx->buffer[used], 0, free - 8); + nxt_memzero(&ctx->buffer[used], free - 8); ctx->bytes <<= 3; ctx->buffer[56] = (u_char) ctx->bytes; @@ -109,7 +110,7 @@ nxt_md5_final(u_char result[16], nxt_md5_t *ctx) result[14] = (u_char) (ctx->d >> 16); result[15] = (u_char) (ctx->d >> 24); - memset(ctx, 0, sizeof(*ctx)); + nxt_memzero(ctx, sizeof(*ctx)); } diff --git a/nxt/nxt_mem_cache_pool.c b/nxt/nxt_mem_cache_pool.c index 3deeeb41..c8757ad7 100644 --- a/nxt/nxt_mem_cache_pool.c +++ b/nxt/nxt_mem_cache_pool.c @@ -9,6 +9,7 @@ #include #include #include +#include #include #include #include @@ -322,7 +323,7 @@ nxt_mem_cache_zalloc(nxt_mem_cache_pool_t *pool, size_t size) p = nxt_mem_cache_alloc(pool, size); if (nxt_fast_path(p != NULL)) { - memset(p, 0, size); + nxt_memzero(p, size); } return p; @@ -368,7 +369,7 @@ nxt_mem_cache_zalign(nxt_mem_cache_pool_t *pool, size_t alignment, size_t size) p = nxt_mem_cache_align(pool, alignment, size); if (nxt_fast_path(p != NULL)) { - memset(p, 0, size); + nxt_memzero(p, size); } return p; diff --git a/nxt/nxt_sha1.c b/nxt/nxt_sha1.c index 6c35e82c..2b96cdc3 100644 --- a/nxt/nxt_sha1.c +++ b/nxt/nxt_sha1.c @@ -11,6 +11,7 @@ #include #include #include +#include #include @@ -74,13 +75,13 @@ nxt_sha1_final(u_char result[20], nxt_sha1_t *ctx) free = 64 - used; if (free < 8) { - memset(&ctx->buffer[used], 0, free); + nxt_memzero(&ctx->buffer[used], free); (void) nxt_sha1_body(ctx, ctx->buffer, 64); used = 0; free = 64; } - memset(&ctx->buffer[used], 0, free - 8); + nxt_memzero(&ctx->buffer[used], free - 8); ctx->bytes <<= 3; ctx->buffer[56] = (u_char) (ctx->bytes >> 56); @@ -115,7 +116,7 @@ nxt_sha1_final(u_char result[20], nxt_sha1_t *ctx) result[18] = (u_char) (ctx->e >> 8); result[19] = (u_char) ctx->e; - memset(ctx, 0, sizeof(*ctx)); + nxt_memzero(ctx, sizeof(*ctx)); } diff --git a/nxt/nxt_sha2.c b/nxt/nxt_sha2.c index ecf4c936..9a52ae4d 100644 --- a/nxt/nxt_sha2.c +++ b/nxt/nxt_sha2.c @@ -11,6 +11,7 @@ #include #include #include +#include #include @@ -77,13 +78,13 @@ nxt_sha2_final(u_char result[32], nxt_sha2_t *ctx) free = 64 - used; if (free < 8) { - memset(&ctx->buffer[used], 0, free); + nxt_memzero(&ctx->buffer[used], free); (void) nxt_sha2_body(ctx, ctx->buffer, 64); used = 0; free = 64; } - memset(&ctx->buffer[used], 0, free - 8); + nxt_memzero(&ctx->buffer[used], free - 8); ctx->bytes <<= 3; ctx->buffer[56] = (u_char) (ctx->bytes >> 56); @@ -130,7 +131,7 @@ nxt_sha2_final(u_char result[32], nxt_sha2_t *ctx) result[30] = (u_char) (ctx->h >> 8); result[31] = (u_char) ctx->h; - memset(ctx, 0, sizeof(*ctx)); + nxt_memzero(ctx, sizeof(*ctx)); } diff --git a/nxt/nxt_string.h b/nxt/nxt_string.h index f1996262..f3b1b147 100644 --- a/nxt/nxt_string.h +++ b/nxt/nxt_string.h @@ -44,6 +44,21 @@ nxt_upper_case(u_char c) #define nxt_cpymem(dst, src, n) (((u_char *) memcpy(dst, src, n)) + (n)) +#define nxt_memzero(buf, length) (void) (memset(buf, 0, length)) + + +#if (NXT_HAVE_EXPLICIT_BZERO) +#define nxt_explicit_memzero(buf, length) \ + (void) (explicit_bzero(buf, length)) +#elif (NXT_HAVE_EXPLICIT_MEMSET) +#define nxt_explicit_memzero(buf, length) \ + (void) (explicit_memset(buf, 0, length)) +#else +#define nxt_explicit_memzero(buf, length) \ + nxt_memzero(buf, length) +#endif + + #define nxt_strstr_eq(s1, s2) \ (((s1)->length == (s2)->length) \ && (memcmp((s1)->start, (s2)->start, (s1)->length) == 0)) diff --git a/nxt/test/lvlhsh_unit_test.c b/nxt/test/lvlhsh_unit_test.c index dbad6d65..7ed6d6ee 100644 --- a/nxt/test/lvlhsh_unit_test.c +++ b/nxt/test/lvlhsh_unit_test.c @@ -146,7 +146,7 @@ lvlhsh_zalloc(void *mem, size_t size) p = nxt_malloc(size); if (p != NULL) { - memset(p, 0, size); + nxt_memzero(p, size); } return p; @@ -216,7 +216,7 @@ lvlhsh_unit_test(nxt_uint_t n) printf("lvlhsh unit test started: %ld items\n", (long) n); - memset(&lh, 0, sizeof(nxt_lvlhsh_t)); + nxt_memzero(&lh, sizeof(nxt_lvlhsh_t)); key = 0; for (i = 0; i < n; i++) { -- 2.47.3