patch 9.1.1722: compiler may optimize away clearing of crypt key

Problem: Compiler may optimize away clearing of crypt key Solution: Use sodium_memzero() if available, else use memset() using a volatile function pointer (ashamedbit). closes: #18173 Signed-off-by: ashamedbit <muralianiruddhan@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
2025-10-18 07:54:29 -04:00 · 2025-08-31 20:05:23 +02:00
parent bf91eb7620
commit 59d496ab0c
2 changed files with 11 additions and 4 deletions
--- a/src/crypt.c
+++ b/src/crypt.c
@@ -780,12 +780,17 @@ crypt_decode_inplace(
    void
 crypt_free_key(char_u *key)
 {
-    char_u *p;
-
+    // Create a safe memset which cannot be optimized away by compiler
+    static void *(* volatile vim_memset_safe)(void *s, int c, size_t n) =
+	memset;
    if (key != NULL)
    {
-	for (p = key; *p != NUL; ++p)
-	    *p = 0;
+#ifdef FEAT_SODIUM
+	if (sodium_init() >= 0)
+	    sodium_memzero(key, STRLEN(key));
+	else
+#endif
+	    vim_memset_safe(key, 0, STRLEN(key));
 	vim_free(key);
    }
 }
--- a/src/version.c
+++ b/src/version.c
@@ -724,6 +724,8 @@ static char *(features[]) =

 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    1722,
 /**/
    1721,
 /**/