Fix buffer overrun in secureZeroMemory when using D_InlineAsm_X86_64 …

…or D_InlineAsm_X86
shove70 · Sep 5, 2023 · c7de86f · c7de86f
1 parent 4cc4758
commit c7de86f
Showing 1 changed file with 17 additions and 2 deletions.
diff --git a/src/crypto/utils.d b/src/crypto/utils.d
@@ -43,7 +43,7 @@ void secureZeroMemory(void* p, in size_t length) pure nothrow @nogc
             mov RCX, length;
             iter:
             xor RBX, RBX;
-            mov [RDX], RBX;
+            mov [RDX], BL;
             inc RDX;
             loop iter;
         }
@@ -57,7 +57,7 @@ void secureZeroMemory(void* p, in size_t length) pure nothrow @nogc
             mov ECX, length;
             iter:
             xor EBX, EBX;
-            mov [EDX], EBX;
+            mov [EDX], BL;
             inc EDX;
             loop iter;
         }
@@ -124,3 +124,18 @@ unittest
     secureZeroMemory(cast(void[])i2);
     assert(i == i2);
 }
+
+unittest
+{
+    // Verify that secureZeroMemory doesn't have a buffer overrun.
+    ubyte[17] array;
+    array[] = 1;
+    ubyte[] slice = array[1..$-1];
+    secureZeroMemory(slice);
+    // Slice should be 0.
+    foreach (b; slice)
+        assert(b == 0);
+    // Bytes outside slice should be 1.
+    assert(array[0] == 1);
+    assert(array[$-1] == 1);
+}