don't use memset() in privacy/security relevant code parts

As memset() can be optimized out by a compiler it should not be used in
privacy/security relevant code parts. OpenSSL provides the safe
OPENSSL_cleanse() function in crypto.h, which perfectly does the job of
clean and overwrite data.

For details see: http://www.viva64.com/en/b/0178/

- change memset() to OPENSSL_cleanse() where appropriate
- change a hard-coded number from netbase.cpp into a sizeof()

1 files changed, 4 insertions, 2 deletions

diff --git a/src/serialize.h b/src/serialize.h
index 8b75cf8b8..73c1139db 100644
--- a/src/serialize.h
+++ b/src/serialize.h
@@ -14,6 +14,8 @@
 #include <cstring>
 #include <cstdio>
 
+#include <openssl/crypto.h> // for OPENSSL_cleanse()
+
 #include <boost/type_traits/is_fundamental.hpp>
 #include <boost/tuple/tuple.hpp>
 #include <boost/tuple/tuple_comparison.hpp>
@@ -813,7 +815,7 @@ struct secure_allocator : public std::allocator<T>
     {
         if (p != NULL)
         {
-            memset(p, 0, sizeof(T) * n);
+            OPENSSL_cleanse(p, sizeof(T) * n);
             munlock(p, sizeof(T) * n);
         }
         std::allocator<T>::deallocate(p, n);
@@ -847,7 +849,7 @@ struct zero_after_free_allocator : public std::allocator<T>
     void deallocate(T* p, std::size_t n)
     {
         if (p != NULL)
-            memset(p, 0, sizeof(T) * n);
+            OPENSSL_cleanse(p, sizeof(T) * n);
         std::allocator<T>::deallocate(p, n);
     }
 };