Bug 58921 - Compiler removal of code to clear password buffer
Summary: Compiler removal of code to clear password buffer
Status: NEW
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: Core (show other bugs)
Version: 2.5-HEAD
Hardware: PC All
: P2 normal (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-01-26 12:30 UTC by AppChecker
Modified: 2018-04-09 20:55 UTC (History)
1 user (show)



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description AppChecker 2016-01-26 12:30:53 UTC
Compiler may remove function memset for the purposes of optimization (with the usage of the argument -O3) in that piece of code:

File: support/passwd_common.c

int get_password(struct passwd_ctx *ctx)
{
...
if (apr_password_get("New password: ", buf, &bufsize) != 0)
   goto err_too_long;
...
memset(buf, '\0', sizeof(buf));
....
}

GitHub link: https://github.com/apache/httpd/blob/trunk/support/passwd_common.c#L165

If the file is compiled with -O3 argument after we use a command 

objdump -dr passwd_common.o 

the listing will not contain that memset function call.
Comment 1 Christophe JAILLET 2018-04-09 20:55:08 UTC
if needed, 'apr_crypto_memzero()' in APR trunk can be taken and used for that.