termux-packages

Commit Graph

Author	SHA1	Message	Date
Günther Noack	78b3381ef8	Indirect explicit_bzero through memset pointer. The original comment indicates that using `bzero()` directly may result in dead store elimination, so they explicitly avoided calling `bzero()` as you do now. `explicit_bzero` is used in cryptographic software to clear keys from process memory after use, even if that memory is not read any more afterwards. Maybe it would be safer like this? (I copied the approach from https://android.googlesource.com/platform/external/openssh/+/refs/tags/android-6.0.1_r70/openbsd-compat/explicit_bzero.c, so that should work on Android.) Caveat, I was hand-editing the diff and did not find time to set up the toolchain to build this; but the general approach should work?	2020-03-29 23:03:21 +03:00
Fredrik Fornwall	a8b61adf91	openssh: Update from 7.3p1 to 7.4p1	2016-12-20 20:33:53 -05:00

Author

SHA1

Message

Date

Günther Noack

78b3381ef8

Indirect explicit_bzero through memset pointer.

The original comment indicates that using `bzero()` directly may result in dead store elimination, so they explicitly avoided calling `bzero()` as you do now. `explicit_bzero` is used in cryptographic software to clear keys from process memory after use, even if that memory is not read any more afterwards.

Maybe it would be safer like this? (I copied the approach from https://android.googlesource.com/platform/external/openssh/+/refs/tags/android-6.0.1_r70/openbsd-compat/explicit_bzero.c, so that should work on Android.)

Caveat, I was hand-editing the diff and did not find time to set up the toolchain to build this; but the general approach should work?

2020-03-29 23:03:21 +03:00

Fredrik Fornwall

a8b61adf91

openssh: Update from 7.3p1 to 7.4p1

2016-12-20 20:33:53 -05:00

2 Commits