| Age | Commit message (Collapse) | Author |
|---|
|
* ADD new /src/common/crypto_rand.[ch] module.
* ADD new /src/common/crypto_util.[ch] module (contains the memwipe()
function, since all crypto_* modules need this).
* FIXES part of #24658: https://bugs.torproject.org/24658
|
|
|
|
|
|
|
|
|
|
|
|
Test-memwipe is *supposed* to invoke undefined behavior, alas.
Closes 20066.
|
|
The functions it warns about are:
assert, memcmp, strcat, strcpy, sprintf, malloc, free, realloc,
strdup, strndup, calloc.
Also, fix a few lingering instances of these in the code. Use other
conventions to indicate _intended_ use of assert and
malloc/realloc/etc.
|
|
In nearly all cases, this is a matter of making sure that we include
orconfig.h before we include any standard c headers.
|
|
This is a big-ish patch, but it's very straightforward. Under this
clang warning, we're not actually allowed to have a global variable
without a previous extern declaration for it. The cases where we
violated this rule fall into three roughly equal groups:
* Stuff that should have been static.
* Stuff that was global but where the extern was local to some
other C file.
* Stuff that was only global when built for the unit tests, that
needed a conditional extern in the headers.
The first two were IMO genuine problems; the last is a wart of how
we build tests.
|
|
Apparently somewhere along the line we decided that MIN might be
missing.
But we already defined it (if it was missing) in compat.h, which
everybody includes.
Closes ticket 18889.
|
|
This patch was generated using;
sed -i -e "s/\bINLINE\b/inline/" src/*/*.[ch] src/*/*/*.[ch]
|
|
|
|
|
|
|
|
It invokes undefined behavior, I'm afraid, since there's no other
c-legal way to test whether memwipe() works when we're not allowed to
look at it.
Closes ticket 15377.
|
