dropbear: avoid compiler optimization in m_burn
authorKonstantin Demin <[email protected]>
Tue, 16 Oct 2018 13:31:47 +0000 (16:31 +0300)
committerHans Dedecker <[email protected]>
Thu, 8 Nov 2018 10:07:05 +0000 (11:07 +0100)
cherry-pick upstream commits
 - b17254925ddd82aa633ca8128751b93840fabc9b
 - 8a4f7fe4f8435b9551c4145f93876e11de78cdcb
 - 257bba00ac1c1461b18ff1f5d420ec83fa13a368

Signed-off-by: Konstantin Demin <[email protected]>
package/network/services/dropbear/patches/016-m_burn-avoid_optimization.patch [new file with mode: 0644]

diff --git a/package/network/services/dropbear/patches/016-m_burn-avoid_optimization.patch b/package/network/services/dropbear/patches/016-m_burn-avoid_optimization.patch
new file mode 100644 (file)
index 0000000..f43528f
--- /dev/null
@@ -0,0 +1,21 @@
+--- a/dbhelpers.c
++++ b/dbhelpers.c
+@@ -9,16 +9,8 @@ void m_burn(void *data, unsigned int len
+ #elif defined(HAVE_EXPLICIT_BZERO)
+       explicit_bzero(data, len);
+ #else
+-/* Based on the method in David Wheeler's
+- * "Secure Programming for Linux and Unix HOWTO". May not be safe
+- * against link-time optimisation. */
+-      volatile char *p = data;
+-
+-      if (data == NULL)
+-              return;
+-      while (len--) {
+-              *p++ = 0x0;
+-      }
++      volatile void *p = data;
++      memset((void*)p, 0x0, len);
+ #endif
+ }
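Review bot: In the `#else` fallback, `memset((void*)p, 0x0, len)` casts the `volatile` qualifier away before the call, so the compiler sees an ordinary `memset` on a non-volatile object and may still drop it as a dead store when the buffer is freed or goes out of scope right afterwards. The removed `if (data == NULL) return;` guard is not replaced, so a NULL `data` now reaches `memset`, which is undefined behaviour even for `len == 0`; whether any caller passes NULL is not visible here. Consider keeping the guard and calling through a volatile function pointer, e.g. `static void *(*const volatile memset_fn)(void *, int, size_t) = memset;` followed by `memset_fn(data, 0x0, len);`, or retaining the volatile byte loop. The start of `m_burn` and its first `#if` branch lie outside the hunk, and this path only matters on builds where `explicit_bzero` and the earlier branch are unavailable.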