Gitiles
Code Review Sign In
gerrit.nordix.org / fdio / vpp / b7b929931a07fbb27b43d5cd105f366c3e29807e^! / . / src / vnet / ipsec / ikev2_crypto.c
commitb7b929931a07fbb27b43d5cd105f366c3e29807e[log] [tgz]
authorDave Barach <dave@barachs.net>Wed Oct 17 10:38:51 2018 -0400
committerDamjan Marion <dmarion@me.com>Tue Oct 23 13:06:46 2018 +0000
tree438681c89738802dbb5d339715b96ea2c31bafb4
parentb9a4c445c1d4e9cdab476a8e1fb8a46ff0fc6080 [diff] [blame]
c11 safe string handling support

Change-Id: Ied34720ca5a6e6e717eea4e86003e854031b6eab
Signed-off-by: Dave Barach <dave@barachs.net>

diff --git a/src/vnet/ipsec/ikev2_crypto.c b/src/vnet/ipsec/ikev2_crypto.c
index d595570..037a3f5 100644
--- a/src/vnet/ipsec/ikev2_crypto.c
+++ b/src/vnet/ipsec/ikev2_crypto.c

@@ -539,10 +539,10 @@
 	{
 	  sa->i_dh_data = vec_new (u8, t->key_len);
 	  x_off = len - BN_num_bytes (x);
-	  memset (sa->i_dh_data, 0, x_off);
+	  clib_memset (sa->i_dh_data, 0, x_off);
 	  BN_bn2bin (x, sa->i_dh_data + x_off);
 	  y_off = t->key_len - BN_num_bytes (y);
-	  memset (sa->i_dh_data + len, 0, y_off - len);
+	  clib_memset (sa->i_dh_data + len, 0, y_off - len);
 	  BN_bn2bin (y, sa->i_dh_data + y_off);
 
 	  const BIGNUM *prv = EC_KEY_get0_private_key (ec);
@@ -554,10 +554,10 @@
 	{
 	  sa->r_dh_data = vec_new (u8, t->key_len);
 	  x_off = len - BN_num_bytes (x);
-	  memset (sa->r_dh_data, 0, x_off);
+	  clib_memset (sa->r_dh_data, 0, x_off);
 	  BN_bn2bin (x, sa->r_dh_data + x_off);
 	  y_off = t->key_len - BN_num_bytes (y);
-	  memset (sa->r_dh_data + len, 0, y_off - len);
+	  clib_memset (sa->r_dh_data + len, 0, y_off - len);
 	  BN_bn2bin (y, sa->r_dh_data + y_off);
 
 	  x = BN_bin2bn (sa->i_dh_data, len, x);
@@ -569,10 +569,10 @@
 	  EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y,
 					       bn_ctx);
 	  x_off = len - BN_num_bytes (x);
-	  memset (sa->dh_shared_key, 0, x_off);
+	  clib_memset (sa->dh_shared_key, 0, x_off);
 	  BN_bn2bin (x, sa->dh_shared_key + x_off);
 	  y_off = t->key_len - BN_num_bytes (y);
-	  memset (sa->dh_shared_key + len, 0, y_off - len);
+	  clib_memset (sa->dh_shared_key + len, 0, y_off - len);
 	  BN_bn2bin (y, sa->dh_shared_key + y_off);
 	}
 
@@ -658,10 +658,10 @@
       EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y, bn_ctx);
       sa->dh_shared_key = vec_new (u8, t->key_len);
       x_off = len - BN_num_bytes (x);
-      memset (sa->dh_shared_key, 0, x_off);
+      clib_memset (sa->dh_shared_key, 0, x_off);
       BN_bn2bin (x, sa->dh_shared_key + x_off);
       y_off = t->key_len - BN_num_bytes (y);
-      memset (sa->dh_shared_key + len, 0, y_off - len);
+      clib_memset (sa->dh_shared_key + len, 0, y_off - len);
       BN_bn2bin (y, sa->dh_shared_key + y_off);
 
       EC_KEY_free (ec);