From b647b753e005588065f806f9830928a9b53cdcef Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Wed, 16 Mar 2016 23:39:39 +0800
Subject: [PATCH] Use memset_s or explicit_bzero

---
 configure.ac | 3 +++
 dbutil.c     | 7 +++++++
 2 files changed, 10 insertions(+)

diff --git a/configure.ac b/configure.ac
index 9fd8ef20..893b9041 100644
--- a/configure.ac
+++ b/configure.ac
@@ -375,6 +375,9 @@ AC_CHECK_FUNCS(logout updwtmp logwtmp)
 AC_CHECK_HEADERS([mach/mach_time.h])
 AC_CHECK_FUNCS(mach_absolute_time)
 
+AC_CHECK_FUNCS(explicit_bzero memset_s)
+
+
 AC_ARG_ENABLE(bundled-libtom,
 [  --enable-bundled-libtom       Force using bundled libtomcrypt/libtommath even if a system version exists.
   --disable-bundled-libtom      Force using system libtomcrypt/libtommath, fail if it does not exist.
diff --git a/dbutil.c b/dbutil.c
index 93b03a3e..27f0fd11 100644
--- a/dbutil.c
+++ b/dbutil.c
@@ -564,6 +564,12 @@ void * m_realloc(void* ptr, size_t size) {
 /* Beware of calling this from within dbutil.c - things might get
  * optimised away */
 void m_burn(void *data, unsigned int len) {
+
+#if defined(HAVE_MEMSET_S)
+	memset_s(data, len, 0x0, len);
+#elif defined(HAVE_EXPLICIT_BZERO)
+	explicit_bzero(data, len);
+#else
 	volatile char *p = data;
 
 	if (data == NULL)
@@ -571,6 +577,7 @@ void m_burn(void *data, unsigned int len) {
 	while (len--) {
 		*p++ = 0x0;
 	}
+#endif
 }
 
 
-- 
GitLab