add explicit_bzero implementation
authorDavid Carlier <dcarlier@afilias.info>
Fri, 15 Jun 2018 13:30:09 +0000 (13:30 +0000)
committerRich Felker <dalias@aerifal.cx>
Tue, 26 Jun 2018 20:59:12 +0000 (16:59 -0400)
maintainer's note: past sentiment was that, despite being imperfect
and unable to force clearing of all possible copies of sensitive data
(e.g. in registers, register spills, signal contexts left on the
stack, etc.) this function would be added if major implementations
agreed on it, which has happened -- several BSDs and glibc all include
it.

include/string.h
src/string/explicit_bzero.c [new file with mode: 0644]

index ce1dc3009e4bfcd0f4006717eb795a46758f9412..795a2abcd990ac1ecd3b7592d6948b897ec9cb68 100644 (file)
@@ -82,6 +82,7 @@ void *memccpy (void *__restrict, const void *__restrict, int, size_t);
 char *strsep(char **, const char *);
 size_t strlcat (char *, const char *, size_t);
 size_t strlcpy (char *, const char *, size_t);
+void explicit_bzero (void *, size_t);
 #endif
 
 #ifdef _GNU_SOURCE
diff --git a/src/string/explicit_bzero.c b/src/string/explicit_bzero.c
new file mode 100644 (file)
index 0000000..3d27004
--- /dev/null
@@ -0,0 +1,8 @@
+#define _BSD_SOURCE
+#include <string.h>
+
+void explicit_bzero(void *d, size_t n)
+{
+       memset(d, 0, n);
+       __asm__ __volatile__ ("" : : "r"(d) : "memory");
+}
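Review bot: The empty `__asm__ __volatile__` statement after the `memset` in explicit_bzero is what the function's whole guarantee rests on, yet it has no comment, so a later cleanup could drop it as a no-op. Without it the compiler may treat the `memset` as a dead store when the buffer is not read again, and the sensitive data would stay in memory. I would add above it `/* Compiler barrier: d is an asm input and memory is clobbered, so the memset above cannot be eliminated as a dead store. */`. A short second comment restating the limit from the commit message, that only the buffer at `d` is cleared and not copies in registers, register spills or signal contexts, would tell callers handling key material what the function does not cover.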