> > Does this optimization also occur during compilation of the Linux
> > kernel?
> Any such dead store removal is up to the compiler and the lifetime
> of the object being clobbered. For 'auto' objects the optimization
> is certainly likely.
>
> This is only a problem if the memory (a thread stack, say) is recycled
> and leaked uninitialized to user-space, but such bugs are squashed
> fairly quickly upon discovery.
Thanks for comments,
In the sha1_update() case I don't know whether the stack is recycled and
leaked - it may be dependent on the calling function, but isn't it
vulnerable?
I tested this with the snippet below. If compiled with -O1 or -O2 and
ON_STACK defined 1, I can read "Secret" a second time. With ON_STACK
defined 0 I do not.
Roel
---
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#define ON_STACK 1
void foo()
{
char password[] = "secret";
password[0]='S';
printf ("Don't show again: %s\n", password);
memset(password, 0, sizeof(password));
}
void foo2()
{
char* password = malloc(7);
strncpy (password, "secret" , 7);
password[6] = '\0';
password[0] = 'S';
printf ("Don't show again: %s\n", password);
memset(password, 0, 7);
free(password);
}
int main(int argc, char* argv[])
{
#if ON_STACK == 1
foo();
#else
foo2();
#endif
int i;
char foo3[] = "hoi";
printf ("foo1:%s\n", foo3);
char* bar = &foo3[0];
for (i = -50; i < 50; i++)
printf ("%c.", bar[i]);
printf("\n");
return 0;
}
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
