[New-bugs-announce] [issue17405] Add _Py_memset_s() to securely clear memory

Christian Heimes report at bugs.python.org
Tue Mar 12 17:54:12 CET 2013


New submission from Christian Heimes:

Compilers like GCC optimize away code like memset(var, 0, sizeof(var)) if the code occurs at the end of a function and var is not used anymore [1]. But security-relevant code like hash and encryption uses this to overwrite sensitive data with zeros.

The code in _sha3module.c uses memset() to clear its internal state. The other hash modules don't clear their internal states yet.


There exist a couple of solutions for the problem:

 * C11 [ISO/IEC 9899:2011] has a memset_s() function
 * MSVC has SecureZeroMemory()
 * GCC can disable the optimization with #pragma GCC optimize ("O0") since GCC 4.4
 * [2] contains an example for a custom implementation of memset_s() with volatile.

[1] http://gcc.gnu.org/bugzilla/show_bug.cgi?id=8537

[2] https://www.securecoding.cert.org/confluence/display/seccode/MSC06-C.+Be+aware+of+compiler+optimization+when+dealing+with+sensitive+data

----------
assignee: christian.heimes
messages: 184032
nosy: christian.heimes
priority: normal
severity: normal
stage: needs patch
status: open
title: Add _Py_memset_s() to securely clear memory
type: security
versions: Python 3.4

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue17405>
_______________________________________
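
The volatile-based approach from the list above, next to the plain memset() that the report says can be optimized away. This is an added example, not part of the original report and not CPython's _Py_memset_s(); demo_memset_s() and toy_digest() are hypothetical names, and the memset_s() semantics are simplified.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical fallback modelled on C11 memset_s(); simplified: no RSIZE_MAX
 * check and no constraint handler. Not CPython's _Py_memset_s(). */
int demo_memset_s(void *s, size_t smax, int c, size_t n)
{
    volatile unsigned char *p = (volatile unsigned char *)s;
    int err = 0;

    if (s == NULL)
        return EINVAL;
    if (n > smax) {            /* violation: fill smax bytes, report error */
        n = smax;
        err = EINVAL;
    }
    while (n--)                /* compilers keep stores made via volatile */
        *p++ = (unsigned char)c;
    return err;
}

/* Toy stand-in for a hash: copies the secret into a local state buffer.
 * hardened == 0 uses the plain memset() the report describes as removable. */
unsigned toy_digest(const unsigned char *secret, size_t len, int hardened)
{
    unsigned char state[32];
    unsigned sum = 0;
    size_t i, n = len < sizeof(state) ? len : sizeof(state);

    memcpy(state, secret, n);
    for (i = 0; i < n; i++)
        sum = sum * 31u + state[i];
    if (hardened)
        demo_memset_s(state, sizeof(state), 0, sizeof(state));
    else
        memset(state, 0, sizeof(state));  /* state is dead here: may be elided */
    return sum;
}

int main(void)
{
    const unsigned char secret[] = "constructed-sample-secret";

    printf("%u\n", toy_digest(secret, sizeof(secret) - 1, 1));
    return 0;
}
```

Whether the plain memset() survives depends on compiler and optimization level; comparing the generated assembly of both paths at -O2 shows the difference.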

