Move zeroize-as-memset into a config file under tests/
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
diff --git a/include/mbedtls/platform_util.h b/include/mbedtls/platform_util.h
index 17e1752..4dcce36 100644
--- a/include/mbedtls/platform_util.h
+++ b/include/mbedtls/platform_util.h
@@ -167,28 +167,17 @@
* \param len Length of the buffer in bytes
*
*/
-#if defined(MBEDTLS_PLATFORM_ZEROIZE_CHECK_UNSAFE)
-#define MBEDTLS_PLATFORM_ZEROIZE_ALT
-#define mbedtls_platform_zeroize(buf, len) memset(buf, 0, len)
-#include <string.h>
-#else
+#if !defined(MBEDTLS_TEST_DEFINES_ZEROIZE)
void mbedtls_platform_zeroize(void *buf, size_t len);
#endif
-/* MBEDTLS_PLATFORM_ZEROIZE_CHECK_UNSAFE
+/* MBEDTLS_TEST_DEFINES_ZEROIZE
*
- * Replaces calls to mbedtls_platform_zeroize() with calls to memset(),
- * to allow compiler analysis to check for invalid length arguments (e.g.
- * specifying sizeof(pointer) rather than sizeof(pointee)).
- *
- * Note that this option is meant for internal use only and must not be used
- * in production builds, because that would lead to zeroization calls being
- * optimised out by the compiler.
- *
- * It is only intended to be used in CFLAGS, with -Wsizeof-pointer-memaccess,
- * to check for those incorrect calls to mbedtls_platform_zeroize().
+ * Indicates that the library is being built by the test framework, and the
+ * framework is going to provide a replacement mbedtls_platform_zeroize()
+ * using a pre-processor macro, so the function declaration should be omitted.
*/
-//#define MBEDTLS_PLATFORM_ZEROIZE_CHECK_UNSAFE
+//#define MBEDTLS_TEST_DEFINES_ZEROIZE
#if defined(MBEDTLS_HAVE_TIME_DATE)
/**
diff --git a/tests/configs/config-wrapper-zeroize-memset.h b/tests/configs/config-wrapper-zeroize-memset.h
new file mode 100644
index 0000000..d1bfa17
--- /dev/null
+++ b/tests/configs/config-wrapper-zeroize-memset.h
@@ -0,0 +1,31 @@
+/* mbedtls_config.h wrapper that defines mbedtls_platform_zeroize() to be
+ * memset(), so that the compile can check arguments for us.
+ * Used for testing.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "mbedtls/mbedtls_config.h"
+
+#include <string.h>
+
+/* Define _ALT so we don't get the built-in implementation. The test code will
+ * also need to define MBEDTLS_TEST_DEFINES_ZEROIZE so we don't get the
+ * declaration. */
+#define MBEDTLS_PLATFORM_ZEROIZE_ALT
+
+#define mbedtls_platform_zeroize(buf, len) memset(buf, 0, len)
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index dad8464..55cd663 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -5123,7 +5123,7 @@
scripts/config.py full
# Only compile - we're looking for sizeof-pointer-memaccess warnings
- make CC=gcc CFLAGS='-Werror -DMBEDTLS_PLATFORM_ZEROIZE_CHECK_UNSAFE -Wsizeof-pointer-memaccess'
+ make CC=gcc CFLAGS="'-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/config-wrapper-zeroize-memset.h\"' -DMBEDTLS_TEST_DEFINES_ZEROIZE -Werror -Wsizeof-pointer-memaccess"
}