[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PROPOSED 0/4] memset_explicit patches
|
From: |
Simon Josefsson |
|
Subject: |
Re: [PROPOSED 0/4] memset_explicit patches |
|
Date: |
Mon, 28 Nov 2022 11:15:07 +0100 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) |
Paul Eggert <eggert@cs.ucla.edu> writes:
> Here's a proposed set of patches to add support for C23's
> memset_explicit function, along with the corresponding fallout in
> Gnulib. The idea is to prefer memset_explicit, but continue to
> support explicit_bzero (which is not marked as obsolescent, as it's
> too soon for that). Comments welcome.
Thanks -- I did a brief code review and it looks fine, and thanks for
adding a test-case for this -- it will be interesting to see in what
environments it will fail, indicating problematic compiler optimizations
(or bugs).
A general observation is that I'm mixed about offering replacement of
security-relevant APIs which do not offer the same guarantees as a
secure implementation. In these situations, it may actually be
preferrably to crash or to refuse to build the application, at least by
default. Compare with gnulib's getrandom(). On platforms we care
about, things should be secure, but it is just a small bug away from
gnulib deciding to replace a system/compiler-provided secure
memset_explicit with our less secure memset_explicit.
OTOH, this would create a lot of problems: libtasn1's use of read_file()
never uses the sensitive flag, and thus will never call explicit_bzero.
Refusing to build would be excessive.
/Simon
signature.asc
Description: PGP signature