Posted to commits@commons.apache.org by mt...@apache.org on 2009/08/16 19:16:10 UTC

svn commit: r804722 - in /commons/sandbox/runtime/trunk/src/main/native: include/acr_sbuf.h include/arch/unix/acr_arch.h include/arch/windows/acr_arch.h shared/md5.c shared/sbuf.c shared/sha1.c shared/sha2.c

Author: mturk
Date: Sun Aug 16 17:16:10 2009
New Revision: 804722

URL: http://svn.apache.org/viewvc?rev=804722&view=rev
Log:
Use secure version of memzero

Modified:
    commons/sandbox/runtime/trunk/src/main/native/include/acr_sbuf.h
    commons/sandbox/runtime/trunk/src/main/native/include/arch/unix/acr_arch.h
    commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch.h
    commons/sandbox/runtime/trunk/src/main/native/shared/md5.c
    commons/sandbox/runtime/trunk/src/main/native/shared/sbuf.c
    commons/sandbox/runtime/trunk/src/main/native/shared/sha1.c
    commons/sandbox/runtime/trunk/src/main/native/shared/sha2.c

Modified: commons/sandbox/runtime/trunk/src/main/native/include/acr_sbuf.h
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/acr_sbuf.h?rev=804722&r1=804721&r2=804722&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/acr_sbuf.h (original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/acr_sbuf.h Sun Aug 16 17:16:10 2009
@@ -82,6 +82,7 @@
 int      acr_sbuf_putc(acr_sbuf_t *, int);
 int      acr_sbuf_rtrim(acr_sbuf_t *);
 char    *acr_sbuf_ltrim(acr_sbuf_t *);
+char    *acr_sbuf_trim(acr_sbuf_t *);
 int      acr_sbuf_overflowed(acr_sbuf_t *);
 void     acr_sbuf_finish(acr_sbuf_t *);
 char    *acr_sbuf_data(acr_sbuf_t *);

Modified: commons/sandbox/runtime/trunk/src/main/native/include/arch/unix/acr_arch.h
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/arch/unix/acr_arch.h?rev=804722&r1=804721&r2=804722&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/arch/unix/acr_arch.h (original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/arch/unix/acr_arch.h Sun Aug 16 17:16:10 2009
@@ -109,6 +109,23 @@
 }
 
 /**
+ * Secure version of zero memory
+ * It should force compiler to always set the
+ * memory to zero
+ */
+static ACR_FORCEINLINE void *x_memzero(void *p, size_t len)
+{
+    volatile char *ptr = (volatile char *)p;
+    
+    while (len) {
+        *ptr = 0;
+        ptr++;
+        len--;
+    } 
+    return p;
+}
+
+/**
  * Read the content of a txt file, up to the ACR_MAX_FREAD_LEN
  * and remove all trailing space and control characters.
  * @param name The file name to read.
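Review bot: The doc comment on x_memzero says only that it "should force" the compiler to zero the memory, without naming the mechanism or the contract. I would state it directly, e.g. `Stores go through a volatile lvalue so the compiler cannot drop them as dead stores.`, and add `@param p`, `@param len` and `@return p`. It is also worth one line saying that only the named buffer is cleared, and that copies the compiler kept in registers or spilled to the stack are not. The identical definition is added to include/arch/windows/acr_arch.h in the last hunk of that file, so the same comment applies there, and a single shared definition would keep the two from drifting.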

Modified: commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch.h
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch.h?rev=804722&r1=804721&r2=804722&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch.h (original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/arch/windows/acr_arch.h Sun Aug 16 17:16:10 2009
@@ -300,6 +300,24 @@
 #define ACR_IOH_FLAGS(H)    acr_ioh_tab[(H) & acr_ioh_mask].flags
 #define ACR_IOH(H)          acr_ioh_tab[(H) & acr_ioh_mask].h
 
+static ACR_INLINE void FileTimeToAprTime(acr_time_t *result, LPFILETIME input)
+{
+    /* Convert FILETIME one 64 bit number so we can work with it. */
+    *result  = ((LARGE_INTEGER *)input)->QuadPart;
+    /* Convert from 100 nano-sec periods to micro-seconds. */
+    *result /= 10;
+    /* Convert from Windows epoch to Unix epoch */
+    *result -= ACR_DELTA_EPOCH_IN_USEC;
+    return;
+}
+
+
+static ACR_INLINE void AprTimeToFileTime(LPFILETIME result, acr_time_t t)
+{
+    ((LARGE_INTEGER *)result)->QuadPart = (t + ACR_DELTA_EPOCH_IN_USEC) * 10;
+    return;
+}
+
 static ACR_INLINE void x_free(void *p)
 {
     if (p != NULL) {
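Review bot: Both relocated helpers reinterpret the FILETIME pointer as `LARGE_INTEGER *`: `((LARGE_INTEGER *)input)->QuadPart` here and the matching store in AprTimeToFileTime. FILETIME is a pair of DWORDs with 4-byte alignment while LARGE_INTEGER requires 8, and Microsoft's FILETIME documentation advises against this cast because it can cause alignment faults on 64-bit Windows. Building the value from the members avoids the cast: `*result = ((acr_time_t)input->dwHighDateTime << 32) | input->dwLowDateTime;`, and in the other direction assign `dwLowDateTime` and `dwHighDateTime` from the low and high halves of the product. This assumes acr_time_t is a 64-bit integer, which the hunk does not show. x_free at the end of the hunk continues outside it.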
@@ -312,7 +330,7 @@
     if (size > 0 && size < INT_MAX)
         return calloc(1, size);
     else {
-        SetLastError(ERROR_NOT_ENOUGH_MEMORY);
+        errno = ENOMEM;
         return NULL;
     }
 }
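Review bot: The failure branch now sets only `errno`, so any Windows caller that reads GetLastError() after a NULL return sees whatever an earlier call left there; the hunk at -322 makes the same edit. No callers are visible here, so unless all of them are converted in this revision I would keep both: `errno = ENOMEM; SetLastError(ERROR_NOT_ENOUGH_MEMORY);`. The same branch also reports a zero `size` as ENOMEM, which deserves a comment because it is a rejected argument rather than an exhausted heap. The enclosing function starts before the hunk.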
@@ -322,27 +340,26 @@
     if (size > 0 && size < INT_MAX)
         return calloc(1, size);
     else {
-        SetLastError(ERROR_NOT_ENOUGH_MEMORY);
+        errno = ENOMEM;
         return NULL;
     }
 }
 
-static ACR_INLINE void FileTimeToAprTime(acr_time_t *result, LPFILETIME input)
-{
-    /* Convert FILETIME one 64 bit number so we can work with it. */
-    *result  = ((LARGE_INTEGER *)input)->QuadPart;
-    /* Convert from 100 nano-sec periods to micro-seconds. */
-    *result /= 10;
-    /* Convert from Windows epoch to Unix epoch */
-    *result -= ACR_DELTA_EPOCH_IN_USEC;
-    return;
-}
-
-
-static ACR_INLINE void AprTimeToFileTime(LPFILETIME result, acr_time_t t)
+/**
+ * Secure version of zero memory
+ * It should force compiler to always set the
+ * memory to zero
+ */
+static ACR_FORCEINLINE void *x_memzero(void *p, size_t len)
 {
-    ((LARGE_INTEGER *)result)->QuadPart = (t + ACR_DELTA_EPOCH_IN_USEC) * 10;
-    return;
+    volatile char *ptr = (volatile char *)p;
+    
+    while (len) {
+        *ptr = 0;
+        ptr++;
+        len--;
+    } 
+    return p;
 }
 
 struct dirent {

Modified: commons/sandbox/runtime/trunk/src/main/native/shared/md5.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/shared/md5.c?rev=804722&r1=804721&r2=804722&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/shared/md5.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/shared/md5.c Sun Aug 16 17:16:10 2009
@@ -32,6 +32,7 @@
  */
 
 #include "acr.h"
+#include "acr_arch.h"
 #include "acr_private.h"
 #include "acr_error.h"
 #include "acr_string.h"
@@ -280,7 +281,7 @@
     if (digest != NULL) {
         for (i = 0; i < 4; i++)
             PUT_32BIT_LE(digest + i * 4, ctx->state[i]);
-        memset(ctx, 0, sizeof(*ctx));
+        x_memzero(ctx, sizeof(*ctx));
     }
 }
 
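Review bot: The wipe of `ctx` sits inside `if (digest != NULL)`, so a call with a NULL digest returns with the hash state, and presumably any input still buffered in the context, left in memory. Since the purpose of this commit is to make the clearing reliable, I would move `x_memzero(ctx, sizeof(*ctx));` below the closing brace of the `if` so it runs on every path. The hunks at -212 in sha1.c and -854 in sha2.c have the same shape with `context`. The function begins outside the hunk, so this assumes nothing after the `if` still reads the context.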
@@ -302,7 +303,7 @@
     }
     out[x] = '\0';
 
-    memset(digest, 0, sizeof(digest));
+    x_memzero(digest, sizeof(digest));
     return out;
 }
 
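Review bot: `x_memzero(digest, sizeof(digest))` clears the whole digest only if `digest` is an array declared in this function, and its declaration is outside the hunk. If it were a pointer or an array-typed parameter, `sizeof` would yield the pointer size and most of the digest would stay in memory. That is worth confirming, and passing the digest-length constant used for the declaration would make the call independent of it. The same call appears in the next md5.c hunk, in the -234 and -258 hunks of sha1.c, and in the -876 and -900 hunks of sha2.c.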
@@ -324,7 +325,7 @@
     }
     out[x] = L'\0';
 
-    memset(digest, 0, sizeof(digest));
+    x_memzero(digest, sizeof(digest));
     return out;
 }
 

Modified: commons/sandbox/runtime/trunk/src/main/native/shared/sbuf.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/shared/sbuf.c?rev=804722&r1=804721&r2=804722&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/shared/sbuf.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/shared/sbuf.c Sun Aug 16 17:16:10 2009
@@ -418,6 +418,24 @@
 }
 
 /*
+ * Trim the sbuf.
+ */
+char *
+acr_sbuf_trim(acr_sbuf_t *s)
+{
+
+    char *p = s->s_buf;
+
+    acr_sbuf_rtrim(s);
+    acr_sbuf_finish(s);
+
+    while (*p && acr_isspace(*p))
+        p++;
+
+    return p;
+}
+
+/*
  * Check if an sbuf overflowed
  */
 int
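Review bot: `p` is read from `s->s_buf` before `acr_sbuf_rtrim()` and `acr_sbuf_finish()` run, so if either call can replace the buffer (their bodies are not in this hunk) the loop walks the old storage. Taking the pointer afterwards costs nothing: drop the initializer and add `p = s->s_buf;` after `acr_sbuf_finish(s);`. The comment `Trim the sbuf.` should also say that the call finishes the sbuf and returns a pointer into its storage, which the caller must not free. `acr_isspace(*p)` receives a plain `char`; if that macro forwards to `<ctype.h>`, cast the argument to `unsigned char` first.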

Modified: commons/sandbox/runtime/trunk/src/main/native/shared/sha1.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/shared/sha1.c?rev=804722&r1=804721&r2=804722&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/shared/sha1.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/shared/sha1.c Sun Aug 16 17:16:10 2009
@@ -34,6 +34,7 @@
  */
 
 #include "acr.h"
+#include "acr_arch.h"
 #include "acr_private.h"
 #include "acr_error.h"
 #include "acr_string.h"
@@ -212,7 +213,7 @@
             digest[i] = (acr_byte_t)
                ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
         }
-        memset(context, 0, sizeof(*context));
+        x_memzero(context, sizeof(*context));
     }
 }
 
@@ -234,7 +235,7 @@
     }
     out[x] = '\0';
 
-    memset(digest, 0, sizeof(digest));
+    x_memzero(digest, sizeof(digest));
     return out;
 }
 
@@ -258,7 +259,7 @@
     }
     out[x] = L'\0';
 
-    memset(digest, 0, sizeof(digest));
+    x_memzero(digest, sizeof(digest));
     return out;
 }
 

Modified: commons/sandbox/runtime/trunk/src/main/native/shared/sha2.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/shared/sha2.c?rev=804722&r1=804721&r2=804722&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/shared/sha2.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/shared/sha2.c Sun Aug 16 17:16:10 2009
@@ -39,6 +39,7 @@
  */
 
 #include "acr.h"
+#include "acr_arch.h"
 #include "acr_private.h"
 #include "acr_error.h"
 #include "acr_string.h"
@@ -854,7 +855,7 @@
 #else
         memcpy(digest, context->state.st64, ACR_SHA512_DIGEST_LENGTH);
 #endif
-        memset(context, 0, sizeof(*context));
+        x_memzero(context, sizeof(*context));
     }
 }
 
@@ -876,7 +877,7 @@
     }
     out[x] = '\0';
 
-    memset(digest, 0, sizeof(digest));
+    x_memzero(digest, sizeof(digest));
     return out;
 }
 
@@ -900,7 +901,7 @@
     }
     out[x] = L'\0';
 
-    memset(digest, 0, sizeof(digest));
+    x_memzero(digest, sizeof(digest));
     return out;
 }