Add m4 Code to Insecure Scrubs Fix #105
Add cxsecShred() to cxsec.c and cxsec.h. Clean up newline spacing in cxsec.c.
Update cxssShred() to use cxsecShred() instead of memset(). Improve the signature of cxssShred(). Improve the doc comment on cxssShred(). Clean up.
Remove #include "cxss/cxss.h". Add #include directives to include only the things that policy.h actually needs. Clean up.
Add code to use memset_explicit(), if available. Add code to use memset_s(), if available. Add code to use explicit_bzero(), if available. Add code to fall back to the original volatile memset if no other options are available.
Greptile Summary
This PR introduces autoconf detection for secure memory-scrubbing functions (
Confidence Score: 5/5
The change is safe to merge; it correctly wires up autoconf detection and routes all sensitive-buffer zeroing through the new abstraction without altering any security-critical logic paths. The autoconf probes are well-formed, the generated configure looks correct, and all call sites are consistently updated. The only findings are style-level: independent #ifdef blocks instead of #if/#elif in the fallback chain, and a misnamed doc comment. centrallix-lib/src/cxsec.c — the #ifdef sentinel pattern and doc comment typo are minor but worth tidying before this lands.
| Filename | Overview |
|---|---|
| centrallix-lib/aclocal.m4 | Adds CHECK_MEMSET macro that probes for memset_explicit, memset_s (with STDC_WANT_LIB_EXT1), and explicit_bzero using AC_RUN_IFELSE; array indices correctly double-bracketed. |
| centrallix-lib/src/cxsec.c | Adds cxsecShred() with correct STDC_WANT_LIB_EXT1 guard; uses independent #ifdef blocks with a CXSEC_FOUND sentinel instead of #if/#elif which compiles dead branches when multiple HAVE_* macros are set; doc comment names function cxssShred instead of cxsecShred. |
| centrallix/cxss/cxss_utility.c | cxssShred now delegates to cxsecShred; signature updated from int/unsigned char* to void/void*; correct include of cxlib/cxsec.h added. |
| centrallix-lib/src/mtsession.c | All seven memset(s, 0, sizeof(MtSession)) calls replaced with cxsecShred; cxsec.h include added. |
| centrallix/netdrivers/net_http_sess.c | memset replaced with cxssShred; cxss/cxss.h already transitively included via net_http.h so no new include needed. |
Reviews (2): Last reviewed commit: "Clean up code that defined things we did..."
…thod that is ACTUALLY secure (I think).
# Conflicts: # centrallix-lib/src/cxsec.c
This PR is ready for human review.
Add m4 macros to detect shred functions, which are used in the C code, if available.
Supported shred functions:
- memset_explicit()
- memset_s()
- explicit_bzero()

The code falls back to the original volatile memset only if none of the above functions are available. (This happens to be the case on my dev VM, so this PR doesn't actually change anything. However, in an ideal environment, one of the functions would be available, and this code would use it.)
This PR is blocked behind #104, which will need to be merged before this PR can be reviewed.
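As an added example (not the PR's own cxsecShred() or cxssShred() code), here is a scrub function written as the single #if/#elif chain the review suggests instead of independent #ifdef blocks with a sentinel, with the volatile-memset fallback described above. The macro names HAVE_MEMSET_EXPLICIT, HAVE_MEMSET_S and HAVE_EXPLICIT_BZERO are assumptions about what the CHECK_MEMSET probe defines; the self-check at the end fills a constructed buffer, shreds it and reports how many bytes survived.

```c
#include <stddef.h>

/* Annex K's memset_s() is only declared if requested before <string.h>.
 * HAVE_MEMSET_S is an assumed name for the autoconf result. */
#if defined(HAVE_MEMSET_S)
#define __STDC_WANT_LIB_EXT1__ 1
#endif
#include <string.h>

/* One #if/#elif chain: exactly one backend is compiled, even when the
 * probe sets several HAVE_* macros at once. */
#if defined(HAVE_MEMSET_EXPLICIT)
#define SHRED_BACKEND "memset_explicit"
static void shred_impl(void *p, size_t n) { memset_explicit(p, 0, n); }
#elif defined(HAVE_MEMSET_S)
#define SHRED_BACKEND "memset_s"
static void shred_impl(void *p, size_t n) { memset_s(p, n, 0, n); }
#elif defined(HAVE_EXPLICIT_BZERO)
#define SHRED_BACKEND "explicit_bzero"
static void shred_impl(void *p, size_t n) { explicit_bzero(p, n); }
#else
#define SHRED_BACKEND "volatile-memset"
/* Fallback: call memset through a volatile function pointer so the
 * compiler cannot prove the callee and drop the "dead" store. */
static void *(*volatile shred_memset)(void *, int, size_t) = memset;
static void shred_impl(void *p, size_t n) { shred_memset(p, 0, n); }
#endif

/* Zero n bytes at p; safe to call with NULL or a zero length. */
void secure_shred(void *p, size_t n)
{
    if (p != NULL && n > 0)
        shred_impl(p, n);
}

/* Name of the backend this build selected (useful in a configure log). */
const char *secure_shred_backend(void) { return SHRED_BACKEND; }

/* Self-check: fill a constructed "secret" buffer, shred it, and return
 * the number of bytes still non-zero (0 means fully scrubbed). */
size_t secure_shred_residue(void)
{
    unsigned char secret[32];
    size_t i, left = 0;
    for (i = 0; i < sizeof secret; i++)
        secret[i] = (unsigned char)(0xA5 ^ i);
    secure_shred(secret, sizeof secret);
    for (i = 0; i < sizeof secret; i++)
        left += (secret[i] != 0);
    return left;
}
```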