mirror of
https://github.com/zephyrproject-rtos/zephyr
synced 2025-08-14 14:35:22 +00:00
eb0dccdb94
Zeroing out 2*NUM_ECC_WORDS bytes starting from the `p2` pointer would not only write 16 bytes to an 8-byte array allocated on the stack, but also not clear out important arrays such as `_private` and `tmp`. Moreover, no memory was cleared out before returning from the function, and there are two exit points. Properly memset() all private data and use an empty assembly block referencing the memory region to avoid the memset() calls to be elided by the compiler. Ideally, in the future, all stack-allocated variables that contains sensitive information should be marked with __attribute__((cleanup)), a GCC extension that calls a function when the variable exits the scope. This will not only reduce code size, but for other functions with multiple exit points, also ensure that sensitive data is always cleared. Signed-off-by: Leandro Pereira <leandro.pereira@intel.com> |
||
|---|---|---|
| .. | ||
| debug | ||
| fs | ||
| hal | ||
| lib | ||
| Kbuild | ||
| Kconfig | ||
| Makefile | ||