Add m4 Code to Insecure Scrubs Fix

centrallix-lib/aclocal.m4

@@ -52,6 +52,77 @@ AC_DEFUN(CHECK_BUILTIN_EXPECT,
     ]
 )
 
+dnl check if memset_explicit(), memset_s(), explicit_bzero() are available.
+AC_DEFUN(CHECK_MEMSET,
+    [
+	AC_MSG_CHECKING(if memset_explicit is available)
+	AC_RUN_IFELSE(
+	    [AC_LANG_PROGRAM(
+		[#include <string.h>],
+		[
+		    char buf[[16]];
+		    for (size_t i = 0; i < sizeof(buf); i++)
+			buf[[i]] = i;
+		    memset_explicit(buf, 0, sizeof(buf));
+		    for (size_t i = 0; i < sizeof(buf); i++)
+			if (buf[[i]] != 0)
+			    return -1;
+		]
+	    )],
+	    [
+		AC_DEFINE([HAVE_MEMSET_EXPLICIT], [1], [Define if memset_explicit is available])
+		AC_MSG_RESULT([yes])
+	    ],
+	    [AC_MSG_RESULT([no])]
+	)
+
+	AC_MSG_CHECKING(if memset_s is available)
+	AC_RUN_IFELSE(
+	    [AC_LANG_PROGRAM(
+		[
+		    #define __STDC_WANT_LIB_EXT1__ 1
+		    #include <string.h>
+		],
+		[
+		    char buf[[16]];
+		    for (size_t i = 0; i < sizeof(buf); i++)
+			buf[[i]] = i;
+		    memset_s(buf, sizeof(buf), 0, sizeof(buf));
+		    for (size_t i = 0; i < sizeof(buf); i++)
+			if (buf[[i]] != 0)
+			    return -1;
+		]
+	    )],
+	    [
+		AC_DEFINE([HAVE_MEMSET_S], [1], [Define if memset_s is available])
+		AC_MSG_RESULT([yes])
+	    ],
+	    [AC_MSG_RESULT([no])]
+	)
+
+	AC_MSG_CHECKING(if explicit_bzero is available)
+	AC_RUN_IFELSE(
+	    [AC_LANG_PROGRAM(
+		[#include <string.h>],
+		[
+		    char buf[[16]];
+		    for (size_t i = 0; i < sizeof(buf); i++)
+			buf[[i]] = i;
+		    explicit_bzero(buf, sizeof(buf));
+		    for (size_t i = 0; i < sizeof(buf); i++)
+			if (buf[[i]] != 0)
+			    return -1;
+		]
+	    )],
+	    [
+		AC_DEFINE([HAVE_EXPLICIT_BZERO], [1], [Define if explicit_bzero is available])
+		AC_MSG_RESULT([yes])
+	    ],
+	    [AC_MSG_RESULT([no])]
+	)
+    ]
+)
+
 dnl check if gcc allows -fPIC and -pg at the same time
 AC_DEFUN(CHECK_PROFILE,
     [

centrallix-lib/configure

@@ -4110,6 +4110,150 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
 
 
 
+	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if memset_explicit is available" >&5
+$as_echo_n "checking if memset_explicit is available... " >&6; }
+	if test "$cross_compiling" = yes; then :
+  { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot run test program while cross compiling
+See \`config.log' for more details" "$LINENO" 5; }
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <string.h>
+int
+main ()
+{
+
+		    char buf[16];
+		    for (size_t i = 0; i < sizeof(buf); i++)
+			buf[i] = i;
+		    memset_explicit(buf, 0, sizeof(buf));
+		    for (size_t i = 0; i < sizeof(buf); i++)
+			if (buf[i] != 0)
+			    return -1;
+
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+
+
+$as_echo "#define HAVE_MEMSET_EXPLICIT 1" >>confdefs.h
+
+		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+  conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+
+	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if memset_s is available" >&5
+$as_echo_n "checking if memset_s is available... " >&6; }
+	if test "$cross_compiling" = yes; then :
+  { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot run test program while cross compiling
+See \`config.log' for more details" "$LINENO" 5; }
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+		    #define __STDC_WANT_LIB_EXT1__ 1
+		    #include <string.h>
+
+int
+main ()
+{
+
+		    char buf[16];
+		    for (size_t i = 0; i < sizeof(buf); i++)
+			buf[i] = i;
+		    memset_s(buf, sizeof(buf), 0, sizeof(buf));
+		    for (size_t i = 0; i < sizeof(buf); i++)
+			if (buf[i] != 0)
+			    return -1;
+
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+
+
+$as_echo "#define HAVE_MEMSET_S 1" >>confdefs.h
+
+		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+  conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+
+	{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if explicit_bzero is available" >&5
+$as_echo_n "checking if explicit_bzero is available... " >&6; }
+	if test "$cross_compiling" = yes; then :
+  { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot run test program while cross compiling
+See \`config.log' for more details" "$LINENO" 5; }
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <string.h>
+int
+main ()
+{
+
+		    char buf[16];
+		    for (size_t i = 0; i < sizeof(buf); i++)
+			buf[i] = i;
+		    explicit_bzero(buf, sizeof(buf));
+		    for (size_t i = 0; i < sizeof(buf); i++)
+			if (buf[i] != 0)
+			    return -1;
+
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+
+
+$as_echo "#define HAVE_EXPLICIT_BZERO 1" >>confdefs.h
+
+		{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+  conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+
+
+
+
 
     { $as_echo "$as_me:${as_lineno-$LINENO}: checking if -fPIC and -pg can be used at the same time" >&5
 $as_echo_n "checking if -fPIC and -pg can be used at the same time... " >&6; }

centrallix-lib/configure.ac

@@ -43,6 +43,9 @@ CHECK_MAKEDEPEND
 dnl Check for __builtin_expect()
 CHECK_BUILTIN_EXPECT
 
+dnl Check for memset_explicit(), memset_s(), and explicit_bzero().
+CHECK_MEMSET
+
 dnl Check if -pg is allowed with -fPIC
 AH_TEMPLATE([USE_PROFILE], [Define for profiling])
 CHECK_PROFILE

centrallix-lib/include/cxlibconfig-all.h.in

@@ -9,6 +9,9 @@
 /* Define to 1 if you have the `endservent' function. */
 #undef HAVE_ENDSERVENT
 
+/* Define if explicit_bzero is available */
+#undef HAVE_EXPLICIT_BZERO
+
 /* Define to 1 if you have the <fcntl.h> header file. */
 #undef HAVE_FCNTL_H
 
@@ -24,6 +27,12 @@
 /* Define to 1 if you have the <memory.h> header file. */
 #undef HAVE_MEMORY_H
 
+/* Define if memset_explicit is available */
+#undef HAVE_MEMSET_EXPLICIT
+
+/* Define if memset_s is available */
+#undef HAVE_MEMSET_S
+
 /* Define to 1 if you have the `select' function. */
 #undef HAVE_SELECT
 

centrallix-lib/include/cxlibconfig-internal.h.in

@@ -35,3 +35,11 @@
 /* defined to 1 if SIOCOUTQ is available */
 #undef HAVE_SIOCOUTQ
 
+/* defined to 1 if memset_explict() is available */
+#undef HAVE_MEMSET_EXPLICIT
+
+/* defined to 1 if memset_s() is available */
+#undef HAVE_MEMSET_S
+
+/* defined to 1 if explicit_bzero() is available */
+#undef HAVE_EXPLICIT_BZERO

centrallix-lib/include/cxsec.h

@@ -31,6 +31,8 @@ void cxsecInitialize();
 int cxsecVerifySymbol(const char* sym);
 int cxsecVerifySymbol_n(const char* sym, size_t n);
 
+void cxsecShred(void* data, size_t n_bytes);
+
 #ifndef __GNUC__
 #define __attribute__(a) /* hide function attributes from non-GCC compilers */
 #endif

centrallix-lib/src/cxsec.c

@@ -1,9 +1,15 @@
+#ifdef HAVE_MEMSET_S
+#define __STDC_WANT_LIB_EXT1__ 1
+#endif
 #ifdef HAVE_CONFIG_H
 #include "cxlibconfig-internal.h"
 #endif
 #include "cxsec.h"
 #include <stdlib.h>
 #include <stdio.h>
+#include <stdint.h>
+#include <stddef.h>
+#include <string.h>
 #include <ctype.h>
 
 /************************************************************************/
@@ -68,6 +74,7 @@ cxsecInitDS(unsigned long* start, unsigned long* end)
     return;
     }
 
+
 void
 cxsecVerifyDS(unsigned long* start, unsigned long* end, char* file, int line)
     {
@@ -87,6 +94,7 @@ cxsecVerifyDS(unsigned long* start, unsigned long* end, char* file, int line)
     return;
     }
 
+
 void
 cxsecUpdateDS(unsigned long* start, unsigned long* end, char* file, int line)
     {
@@ -137,6 +145,7 @@ cxsecVerifySymbol(const char* sym)
     return 0;
     }
 
+
 int
 cxsecVerifySymbol_n(const char* sym, size_t n)
     {
@@ -163,3 +172,46 @@ cxsecVerifySymbol_n(const char* sym, size_t n)
     return 0;
     }
 
+
+/*** cxssShred() - Erase the given data so that it is no longer readable
+ *** even in raw memory.  This is the same as calling memset_explicit(),
+ *** except that this function works before C23, when memset_explicit()
+ *** was added.
+ *** 
+ *** Also, using this function signifies the intent to scrub possibly
+ *** sensitive data, which makes code more readable.
+ *** 
+ *** @param data A pointer to the data buffer to be erased.
+ *** @param n_bytes The number of bytes allocated to the data buffer.
+ *** 	Causes undefined behavior if incorrect.
+ ***/
+void
+cxsecShred(void* data, size_t n_bytes)
+    {
+#ifdef HAVE_MEMSET_EXPLICIT
+#define CXSEC_FOUND
+	memset_explicit(data, 0, n_bytes);
+	return;
+#endif
+
+#ifdef HAVE_MEMSET_S
+#define CXSEC_FOUND
+	memset_s(data, n_bytes, 0, n_bytes);
+	return;
+#endif
+
+#ifdef HAVE_EXPLICIT_BZERO
+#define CXSEC_FOUND
+	explicit_bzero(data, n_bytes);
+	return;
+#endif
+
+#ifndef CXSEC_FOUND
+#undef CXSEC_FOUND
+	volatile uint8_t* ptr = (volatile uint8_t*)data;
+	for (size_t i = 0; i < n_bytes; i++)
+	    ptr[i] = 0;
+#endif
+
+    return;
+    }