[gnome-keyring/dbus-api] [egg] Function for clearing secure memory.

[Stefan Walter <stefw src gnome org>]

commit 9c7bead1546bace7db9d019d3bd483b6e1bc58e0
Author: Stefan Walter <Stefan Walter>
Date:   Sat Aug 8 02:06:17 2009 +0000

    [egg] Function for clearing secure memory.
    
    Added egg_secure_clear() and fine tuned egg_secure_strclear().

 egg/egg-secure-memory.c      |   26 ++++++++++++++++----------
 egg/egg-secure-memory.h      |    2 ++
 egg/tests/unit-test-secmem.c |   31 +++++++++++++++++++++++++++++++
 3 files changed, 49 insertions(+), 10 deletions(-)
---
diff --git a/egg/egg-secure-memory.c b/egg/egg-secure-memory.c
index 2791e5e..259ca20 100644
--- a/egg/egg-secure-memory.c
+++ b/egg/egg-secure-memory.c
@@ -1197,21 +1197,27 @@ egg_secure_strdup (const char *str)
 }
 
 void
-egg_secure_strclear (char *str)
+egg_secure_clear (void *p, size_t length)
 {
 	volatile char *vp;
-	size_t len;
 	
-	if (!str)
+	if (p == NULL)
 		return;
 		
-        vp = (volatile char*)str;
-       	len = strlen (str);
-        while (len) { 
-        	*vp = 0xAA;
-        	vp++;
-        	len--; 
-        } 
+        vp = (volatile char*)p;
+        while (length) {
+	        *vp = 0xAA;
+	        vp++;
+	        length--;
+	}
+}
+
+void
+egg_secure_strclear (char *str)
+{
+	if (!str)
+		return;
+	egg_secure_clear ((unsigned char*)str, strlen (str));
 }
 
 void
diff --git a/egg/egg-secure-memory.h b/egg/egg-secure-memory.h
index f824a4f..5bb3e12 100644
--- a/egg/egg-secure-memory.h
+++ b/egg/egg-secure-memory.h
@@ -76,6 +76,8 @@ void   egg_secure_free         (void* p);
 
 void   egg_secure_free_full    (void* p, int fallback); 
 
+void   egg_secure_clear        (void *p, size_t length);
+
 int    egg_secure_check        (const void* p); 
 
 void   egg_secure_validate     (void);
diff --git a/egg/tests/unit-test-secmem.c b/egg/tests/unit-test-secmem.c
index 007ad4c..f320900 100644
--- a/egg/tests/unit-test-secmem.c
+++ b/egg/tests/unit-test-secmem.c
@@ -204,3 +204,34 @@ DEFINE_TEST(secmem_multialloc)
 	
 	egg_secure_warnings = 1;
 }
+
+DEFINE_TEST(secmem_clear)
+{
+	gpointer p;
+
+	p = egg_secure_alloc_full (188, 0);
+	g_assert (p != NULL);
+	memset (p, 0x89, 188);
+	g_assert (memchr (p, 0x89, 188) == p);
+
+	egg_secure_clear (p, 188);
+	g_assert (memchr (p, 0x89, 188) == NULL);
+
+	egg_secure_free_full (p, 0);
+}
+
+DEFINE_TEST(secmem_strclear)
+{
+	gchar *str;
+
+	str = egg_secure_strdup ("secret");
+	g_assert (str != NULL);
+	g_assert_cmpuint (strlen (str), ==, 6);
+	g_assert (strchr (str, 't') == str + 6);
+
+	egg_secure_strclear (str);
+	g_assert_cmpuint (strlen (str), ==, 6);
+	g_assert (strchr (str, 't') == NULL);
+
+	egg_secure_free_full (str, 0);
+}