[libvirt PATCH v2 05/10] Replace bzero() with memset()

This was found by clang-tidy's
"clang-analyzer-security.insecureAPI.bzero" check.

bzero is marked as deprecated ("LEGACY") in POSIX.1-2001 and
removed in POSIX.1-2008.

Besides its deprecation, bzero can be unsafe to use under certain
circumstances, e.g. when used to zero-out memory containing secrets.
These calls can be optimized away by the compiler, if it concludes no
further access happens to the memory, thus leaving the secrets still
in memory. Hence its classification as "insecureAPI".

Signed-off-by: Tim Wiederhake <twiederh@xxxxxxxxxx>
---
 src/util/virarptable.c | 2 +-
 tests/virpcimock.c     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/util/virarptable.c b/src/util/virarptable.c
index d62de5e3dd..dac3486470 100644
--- a/src/util/virarptable.c
+++ b/src/util/virarptable.c
@@ -120,7 +120,7 @@ virArpTableGet(void)
             table->n = num + 1;
 
             addr = RTA_DATA(tb[NDA_DST]);
-            bzero(&virAddr, sizeof(virAddr));
+            memset(&virAddr, 0, sizeof(virAddr));
             virAddr.len = sizeof(virAddr.data.inet4);
             virAddr.data.inet4.sin_family = AF_INET;
             virAddr.data.inet4.sin_addr = *(struct in_addr *)addr;
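Review bot: in virArpTableGet the new memset(&virAddr, 0, sizeof(virAddr)) is initialization, because virAddr.len and virAddr.data.inet4 are assigned immediately afterwards, so the dead-store concern raised in the commit message does not arise at this call site, and memset is subject to the same elision as bzero in any case. Suggest justifying the change by the POSIX removal alone, or stating in the commit message that neither call site zeroes secrets.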
diff --git a/tests/virpcimock.c b/tests/virpcimock.c
index 4aa96cae08..f6280fc8b5 100644
--- a/tests/virpcimock.c
+++ b/tests/virpcimock.c
@@ -233,7 +233,7 @@ pci_read_file(const char *path,
     if ((fd = real_open(newpath, O_RDWR)) < 0)
         goto cleanup;
 
-    bzero(buf, buf_size);
+    memset(buf, 0, buf_size);
     if (saferead(fd, buf, buf_size - 1) < 0) {
         STDERR("Unable to read from %s", newpath);
         goto cleanup;
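Review bot: in pci_read_file the full-buffer memset(buf, 0, buf_size) appears to exist only so the data stays NUL-terminated after saferead(fd, buf, buf_size - 1), and the visible context shows no guard that buf_size is non-zero before buf_size - 1 is computed. Consider checking buf_size up front and terminating the buffer at the length saferead returns rather than clearing all of it.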
-- 
2.26.2
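Added example, not part of the patch or of libvirt: the dead-store case the commit message describes, next to a wipe that the compiler keeps. `scrub()`, `digest()` and the sample secret are hypothetical and constructed for illustration; where available, `explicit_bzero()` or C11 Annex K `memset_s()` serve the same purpose.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical helper, not a libvirt function: writes through a
 * volatile-qualified pointer, so each store counts as a side effect
 * that compilers keep instead of removing as a dead store. */
static void scrub(void *p, size_t n)
{
    volatile unsigned char *vp = p;
    while (n--)
        *vp++ = 0;
}

/* Constructed stand-in for real work done with a secret. */
static unsigned digest(const unsigned char *s, size_t n)
{
    unsigned sum = 0;
    for (size_t i = 0; i < n; i++)
        sum = sum * 31u + s[i];
    return sum;
}

/* Pattern from the commit message: key is never read after the final
 * memset, so the call is a dead store and may be dropped by the
 * optimizer, exactly as a trailing bzero would be. */
unsigned use_secret_elidable(const unsigned char *secret, size_t len)
{
    unsigned char key[32] = {0};
    memcpy(key, secret, len < sizeof(key) ? len : sizeof(key));
    unsigned r = digest(key, sizeof(key));
    memset(key, 0, sizeof(key));
    return r;
}

/* Same logic with the final wipe routed through scrub(). */
unsigned use_secret_scrubbed(const unsigned char *secret, size_t len)
{
    unsigned char key[32] = {0};
    memcpy(key, secret, len < sizeof(key) ? len : sizeof(key));
    unsigned r = digest(key, sizeof(key));
    scrub(key, sizeof(key));
    return r;
}

int main(void)
{
    const unsigned char s[] = "constructed-secret";
    return use_secret_elidable(s, sizeof(s)) == use_secret_scrubbed(s, sizeof(s)) ? 0 : 1;
}
```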



