D13682.diff

Index: head/lib/libc/string/Makefile.inc
===================================================================
--- head/lib/libc/string/Makefile.inc
+++ head/lib/libc/string/Makefile.inc
@@ -50,6 +50,7 @@
ffs.3 flsll.3
MLINKS+=index.3 rindex.3
MLINKS+=memchr.3 memrchr.3
+MLINKS+=memset.3 memset_s.3
MLINKS+=strcasecmp.3 strncasecmp.3 \
strcasecmp.3 strcasecmp_l.3 \
strcasecmp.3 strncasecmp_l.3
Index: head/lib/libc/string/memset.3
===================================================================
--- head/lib/libc/string/memset.3
+++ head/lib/libc/string/memset.3
@@ -32,7 +32,7 @@
.\" @(#)memset.3 8.1 (Berkeley) 6/4/93
.\" $FreeBSD$
.\"
-.Dd June 4, 1993
+.Dd February 15, 2018
.Dt MEMSET 3
.Os
.Sh NAME
@@ -43,7 +43,9 @@
.Sh SYNOPSIS
.In string.h
.Ft void *
-.Fn memset "void *b" "int c" "size_t len"
+.Fn memset "void *dest" "int c" "size_t len"
+.Ft errno_t
+.Fn memset_s "void *dest" "rsize_t destsz" "int c" "rsize_t len"
.Sh DESCRIPTION
The
.Fn memset
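Review bot: the SYNOPSIS puts memset_s directly under `.In string.h` with no feature-test macro. C11 Annex K makes these declarations conditional on the program defining `__STDC_WANT_LIB_EXT1__` to 1 before the header is included, so if string.h gates the prototype that way, the define should appear in the synopsis ahead of the `.Ft errno_t` line. Otherwise a caller who copies the synopsis as written will not get the prototype.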
@@ -55,13 +57,66 @@
(converted to an
.Vt "unsigned char" )
to the string
-.Fa b .
+.Fa dest .
+Undefined behaviour from
+.Fn memset ,
+resulting from storage overflow, will occur if
+.Fa len
+is greater than the the length of buffer
+.Fa dest .
+The behaviour is also undefined if
+.Fa dest
+is an invalid pointer.
+.Pp
+The
+.Fn memset_s
+function behaves the same as
+.Fn memset
+except that an error is returned and the currently registered
+runtime-constraint handler is called if
+.Fa dest
+is a null pointer,
+.Fa destsz
+or
+.Fa len
+is greater than
+.Dv RSIZE_MAX ,
+or
+.Sp
+.Fa len
+is greater than
+.Fa destsz
+(buffer overflow would occur).
+The runtime-constraint handler is called first and may not return.
+If it does return, an error is returned to the caller.
+Like
+.Xr explicit_bzero 3 ,
+.Fn memset_s
+is not removed through Dead Store Elimination (DSE), making it useful for
+clearing sensitve data.
+In contrast
+.Fn memset
+function
+may be optimized away if the object modified by the function is not accessed
+again.
+To clear memory that will not subsequently be accessed it is advised to use
+.Fn memset_s
+instead of
+.Fn memset .
+For instance, a buffer containing a password should be cleared with
+.Fn memset_s
+before
+.Xr free 3 .
.Sh RETURN VALUES
The
.Fn memset
function returns its first argument.
+The
+.Fn memset_s
+function returns zero on success, non-zero on error.
.Sh SEE ALSO
.Xr bzero 3 ,
+.Xr explicit_bzero 3 ,
.Xr swab 3 ,
.Xr wmemset 3
.Sh STANDARDS
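Review bot: the `.Sp` line between `or` and `.Fa len` in the memset_s constraint sentence splits it mid-list and is not a macro used anywhere else in the visible page. Drop it, and consider restructuring the three conditions so it is unambiguous that `.Dv RSIZE_MAX` applies to both `destsz` and `len`. In the same hunk, fix "the the length of buffer" and "sensitve", and add the missing article in "In contrast .Fn memset function". The RETURN VALUES sentence says only "non-zero on error"; since the description says the handler "may not return", it would help to say when a caller can actually expect to see that return value.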
@@ -70,3 +125,7 @@
function
conforms to
.St -isoC .
+.Fn memset_s
+conforms to:
+.St -isoC-2011
+K.3.7.4.1.
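Review bot: the added STANDARDS sentence is inconsistent with the one directly above it. The existing text reads "function conforms to .St -isoC .", while the new one starts with a bare `.Fn memset_s`, uses "conforms to:" with a colon, and leaves the clause number "K.3.7.4.1." dangling after the `.St` macro. Suggest "The .Fn memset_s function conforms to .St -isoC-2011" followed by the clause reference as part of the same sentence, so both entries read the same way.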
