zqz/platform-external-webrtc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add functions to securely fill memory with zeros.

Browse Source 
Various places are using "memset(ptr, 0, size)" which might get optimized
away by the compiler if "ptr" is not used afterwards. The new functions
can be used to securely clear memory instead.

Bug: None
Change-Id: I067a51d17ff84d95dc4934d46a24027fbcb4825d
Reviewed-on: https://webrtc-review.googlesource.com/35500
Reviewed-by: Karl Wiberg <kwiberg@webrtc.org>
Commit-Queue: Joachim Bauch <jbauch@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#21706}
This commit is contained in:
Joachim Bauch
2017-12-21 22:00:34 +01:00
committed by Commit Bot
parent 04b266668a
commit 58daf40bad
4 changed files with 126 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
rtc_base/BUILD.gn
View File

@ -549,6 +549,7 @@ rtc_static_library("rtc_base_generic") {
":checks", ":checks",
":stringutils", ":stringutils",
"..:webrtc_common", "..:webrtc_common",
"../api:array_view",
"../api:optional", "../api:optional",
] ]
public_deps = [ public_deps = [
@ -655,6 +656,8 @@ rtc_static_library("rtc_base_generic") {
"stream.h", "stream.h",
"thread.cc", "thread.cc",
"thread.h", "thread.h",
"zero_memory.cc",
"zero_memory.h",
] ]
visibility = [ visibility = [
@ -1090,6 +1093,7 @@ if (rtc_include_tests) {
"stream_unittest.cc", "stream_unittest.cc",
"testclient_unittest.cc", "testclient_unittest.cc",
"thread_unittest.cc", "thread_unittest.cc",
"zero_memory_unittest.cc",
] ]
if (is_win) { if (is_win) {
sources += [ sources += [
@ -1110,6 +1114,7 @@ if (rtc_include_tests) {
":rtc_base_tests_main", ":rtc_base_tests_main",
":rtc_base_tests_utils", ":rtc_base_tests_utils",
":stringutils", ":stringutils",
"../api:array_view",
"../api:optional", "../api:optional",
"../test:test_support", "../test:test_support",
] ]

36
rtc_base/zero_memory.cc Normal file
View File

@ -0,0 +1,36 @@
/*
* Copyright 2017 The WebRTC Project Authors. All rights reserved.
*
* Use of this source code is governed by a BSD-style license
* that can be found in the LICENSE file in the root of the source
* tree. An additional intellectual property rights grant can be found
* in the file PATENTS. All contributing project authors may
* be found in the AUTHORS file in the root of the source tree.
*/
#if defined(WEBRTC_WIN)
#include <windows.h>
#else
#include <string.h>
#endif
#include "rtc_base/checks.h"
#include "rtc_base/zero_memory.h"
namespace rtc {
// Code and comment taken from "OPENSSL_cleanse" of BoringSSL.
void ExplicitZeroMemory(void* ptr, size_t len) {
RTC_DCHECK(ptr || !len);
#if defined(WEBRTC_WIN)
SecureZeroMemory(ptr, len);
#else
memset(ptr, 0, len);
/* As best as we can tell, this is sufficient to break any optimisations that
might try to eliminate "superfluous" memsets. If there's an easy way to
detect memset_s, it would be better to use that. */
__asm__ __volatile__("" : : "r"(ptr) : "memory"); // NOLINT
#endif
}
} // namespace rtc

33
rtc_base/zero_memory.h Normal file
View File

@ -0,0 +1,33 @@
/*
* Copyright 2017 The WebRTC Project Authors. All rights reserved.
*
* Use of this source code is governed by a BSD-style license
* that can be found in the LICENSE file in the root of the source
* tree. An additional intellectual property rights grant can be found
* in the file PATENTS. All contributing project authors may
* be found in the AUTHORS file in the root of the source tree.
*/
#ifndef RTC_BASE_ZERO_MEMORY_H_
#define RTC_BASE_ZERO_MEMORY_H_
#include <type_traits>
#include "api/array_view.h"
namespace rtc {
// Fill memory with zeros in a way that the compiler doesn't optimize it away
// even if the pointer is not used afterwards.
void ExplicitZeroMemory(void* ptr, size_t len);
template <typename T,
typename std::enable_if<!std::is_const<T>::value &&
std::is_trivial<T>::value>::type* = nullptr>
void ExplicitZeroMemory(rtc::ArrayView<T> a) {
ExplicitZeroMemory(a.data(), a.size());
}
} // namespace rtc
#endif // RTC_BASE_ZERO_MEMORY_H_

52
rtc_base/zero_memory_unittest.cc Normal file
View File

@ -0,0 +1,52 @@
/*
* Copyright 2017 The WebRTC Project Authors. All rights reserved.
*
* Use of this source code is governed by a BSD-style license
* that can be found in the LICENSE file in the root of the source
* tree. An additional intellectual property rights grant can be found
* in the file PATENTS. All contributing project authors may
* be found in the AUTHORS file in the root of the source tree.
*/
#include "rtc_base/zero_memory.h"
#include "api/array_view.h"
#include "rtc_base/buffer.h"
#include "rtc_base/gunit.h"
namespace rtc {
TEST(ZeroMemoryTest, TestZeroMemory) {
static const size_t kBufferSize = 32;
uint8_t buffer[kBufferSize];
for (size_t i = 0; i < kBufferSize; i++) {
buffer[i] = static_cast<uint8_t>(i + 1);
}
ExplicitZeroMemory(buffer, sizeof(buffer));
for (size_t i = 0; i < kBufferSize; i++) {
EXPECT_EQ(buffer[i], 0);
}
}
TEST(ZeroMemoryTest, TestZeroArrayView) {
static const size_t kBufferSize = 32;
uint8_t buffer[kBufferSize];
for (size_t i = 0; i < kBufferSize; i++) {
buffer[i] = static_cast<uint8_t>(i + 1);
}
ExplicitZeroMemory(rtc::ArrayView<uint8_t>(buffer, sizeof(buffer)));
for (size_t i = 0; i < kBufferSize; i++) {
EXPECT_EQ(buffer[i], 0);
}
}
// While this test doesn't actually test anything, it can be used to check
// the compiler output to make sure the call to "ExplicitZeroMemory" is not
// optimized away.
TEST(ZeroMemoryTest, TestZeroMemoryUnused) {
static const size_t kBufferSize = 32;
uint8_t buffer[kBufferSize];
ExplicitZeroMemory(buffer, sizeof(buffer));
}
} // namespace rtc