Use memset_s or explicit_bzero when available.

author: Nick Mathewson <nickm@torproject.org> 2016-01-07 12:53:24 -0800
committer: Nick Mathewson <nickm@torproject.org> 2016-01-07 12:53:24 -0800
commit: 3783046f3b519533fc721472f38ccf437d2d12a5 (patch)
tree: c45773b7f07a6f2eda1a07934557a2153dc4aaf8 /src/common/crypto.c
parent: 8d6aafbb4a7f4f9748b88f5ce16675900559149e (diff)
download: tor-3783046f3b519533fc721472f38ccf437d2d12a5.tar.gz
tor-3783046f3b519533fc721472f38ccf437d2d12a5.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c
index bcb06e09df..e62cc0a511 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -2970,7 +2970,15 @@ memwipe(void *mem, uint8_t byte, size_t sz)
    * ...or maybe not.  In practice, there are pure-asm implementations of
    * OPENSSL_cleanse() on most platforms, which ought to do the job.
    **/
+
+#ifdef HAVE_EXPLICIT_BZERO
+  explicit_bzero(mem, sz);
+#elif HAVE_MEMSET_S
+  memset_s( mem, sz, 0, sz );
+#else
   OPENSSL_cleanse(mem, sz);
+#endif
+
   /* Just in case some caller of memwipe() is relying on getting a buffer
    * filled with a particular value, fill the buffer.
    *
author	Nick Mathewson <nickm@torproject.org>	2016-01-07 12:53:24 -0800
committer	Nick Mathewson <nickm@torproject.org>	2016-01-07 12:53:24 -0800
commit	3783046f3b519533fc721472f38ccf437d2d12a5 (patch)
tree	c45773b7f07a6f2eda1a07934557a2153dc4aaf8 /src/common/crypto.c
parent	8d6aafbb4a7f4f9748b88f5ce16675900559149e (diff)
download	tor-3783046f3b519533fc721472f38ccf437d2d12a5.tar.gz tor-3783046f3b519533fc721472f38ccf437d2d12a5.zip