From 78297c9bd458a14bd43b58c4fa6678d154321e03 Mon Sep 17 00:00:00 2001 From: zrj Date: Tue, 9 Apr 2019 11:26:46 +0300 Subject: [PATCH] libc/stdlib: Add freezero() function. It is useful function for security related features. Internally uses explicit_bzero(3) before freeing the pointers. It could be implemented in nmalloc.c for extra benefits. Update the manpage. Taken-from: OpenBSD --- include/stdlib.h | 1 + lib/libc/stdlib/Makefile.inc | 4 +++- lib/libc/stdlib/Symbol.map | 1 + lib/libc/stdlib/freezero.c | 32 ++++++++++++++++++++++++++++++++ lib/libc/stdlib/malloc.3 | 25 +++++++++++++++++++++++-- 5 files changed, 60 insertions(+), 3 deletions(-) create mode 100644 lib/libc/stdlib/freezero.c diff --git a/include/stdlib.h b/include/stdlib.h index 16637d1883..fa4579b476 100644 --- a/include/stdlib.h +++ b/include/stdlib.h @@ -286,6 +286,7 @@ char *devname(dev_t, mode_t); char *devname_r(dev_t, mode_t, char *, size_t); char *fdevname(int); int fdevname_r(int, char *, size_t); +void freezero(void *, size_t); int getloadavg(double [], int); const char * getprogname(void); diff --git a/lib/libc/stdlib/Makefile.inc b/lib/libc/stdlib/Makefile.inc index 61f7b8deb8..0d6c8661ac 100644 --- a/lib/libc/stdlib/Makefile.inc +++ b/lib/libc/stdlib/Makefile.inc @@ -9,7 +9,8 @@ CMAPS+= ${.CURDIR}/stdlib/Symbol.map MISRCS+=a64l.c abort.c abs.c atexit.c \ atof.c atoi.c atol.c atoll.c \ bsearch.c cxa_thread_atexit_impl.c \ - div.c exit.c getenv.c getopt.c getopt_long.c \ + div.c exit.c freezero.c \ + getenv.c getopt.c getopt_long.c \ getsubopt.c hcreate.c heapsort.c imaxabs.c imaxdiv.c \ insque.c l64a.c labs.c ldiv.c llabs.c lldiv.c lsearch.c \ merge.c ptsname.c qsort.c qsort_r.c quick_exit.c \ @@ -64,6 +65,7 @@ MLINKS+=insque.3 remque.3 MLINKS+=lsearch.3 lfind.3 MLINKS+=malloc.3 calloc.3 \ malloc.3 free.3 \ + malloc.3 freezero.3 \ malloc.3 realloc.3 \ malloc.3 reallocf.3 MLINKS+=posix_memalign.3 aligned_alloc.3 
diff --git a/lib/libc/stdlib/Symbol.map b/lib/libc/stdlib/Symbol.map index ad84353a59..7c64fef763 100644 --- a/lib/libc/stdlib/Symbol.map +++ b/lib/libc/stdlib/Symbol.map @@ -119,6 +119,7 @@ DF504.0 { DF506.0 { __aligned_alloc; __cxa_thread_atexit_impl; + freezero; reallocarray; }; diff --git a/lib/libc/stdlib/freezero.c b/lib/libc/stdlib/freezero.c new file mode 100644 index 0000000000..31face3828 --- /dev/null +++ b/lib/libc/stdlib/freezero.c @@ -0,0 +1,32 @@ +/* + * Copyright (c) 2008, 2010, 2011, 2016 Otto Moerbeek + * Copyright (c) 2012 Matthew Dempsky + * Copyright (c) 2008 Damien Miller + * Copyright (c) 2000 Poul-Henning Kamp + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include +#include + +void +freezero(void *ptr, size_t sz) +{ + /* This is legal. */ + if (ptr == NULL) + return; + + explicit_bzero(ptr, sz); + free(ptr); +} diff --git a/lib/libc/stdlib/malloc.3 b/lib/libc/stdlib/malloc.3 index 617fd8d8a3..476df08c22 100644 --- a/lib/libc/stdlib/malloc.3 +++ b/lib/libc/stdlib/malloc.3 @@ -34,7 +34,7 @@ .\" @(#)malloc.3 8.1 (Berkeley) 6/4/93 .\" $FreeBSD: src/lib/libc/stdlib/malloc.3,v 1.73 2007/06/15 22:32:33 jasone Exp $ .\" -.Dd January 12, 2019 +.Dd April 11, 2019 .Dt MALLOC 3 .Os .Sh NAME 
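Review bot: In the new lib/libc/stdlib/freezero.c, `explicit_bzero(ptr, sz)` trusts the caller's `sz` completely, so a value larger than the allocation writes zeros past the end of the object before `free()` runs, and a smaller one leaves the tail of the buffer uncleared in freed memory. The commit message already notes that an nmalloc.c implementation could do more; checking `sz` against the allocator's own record of the allocation size would be the real fix, and this wrapper has no access to that information. Until then the contract should be stated in the source, for example by replacing `/* This is legal. */` with `/* NULL is a no-op, as for free(). sz is not validated: it must not exceed the allocation, and only the first sz bytes are cleared. */`. The malloc.3 hunk states the upper bound on `size`, but it does not say that bytes beyond `size` are left intact, which callers freeing key material need to know.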
@@ -42,7 +42,8 @@ .Nm calloc , .Nm realloc , .Nm reallocf , -.Nm free +.Nm free , +.Nm freezero .Nd general purpose memory allocation functions .Sh LIBRARY .Lb libc @@ -58,6 +59,8 @@ .Fn reallocf "void *ptr" "size_t size" .Ft void .Fn free "void *ptr" +.Ft void +.Fn freezero "void *ptr" "size_t size" .Sh DESCRIPTION The .Fn malloc @@ -136,6 +139,17 @@ If is .Dv NULL , no action occurs. +.Pp +The +.Fn freezero +function is similar to the +.Fn free +function. +Cached free objects are cleared with +.Xr explicit_bzero 3 . +The +.Fa size +argument must be equal to or smaller than the size of the earlier allocation. .Sh IMPLEMENTATION NOTES .Dx Ap s .Nm @@ -329,6 +343,13 @@ The function first appeared in .Fx 3.0 . .Pp +The +.Fn freezero +function appeared in +.Ox 6.2 +and +.Dx 5.6 . +.Pp .Dx Ap s .Nm implementation is based on the kernel's slab allocator (see -- 2.41.0