From nobody Mon Feb  9 12:25:36 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 216.205.24.124 as permitted sender) client-ip=216.205.24.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass(p=none dis=none)  header.from=redhat.com
ARC-Seal: i=1; a=rsa-sha256; t=1612183363; cv=none;
	d=zohomail.com; s=zohoarc;
	b=Zl0SDxDyunwGb6FIb67f9ugTRPUlv634n7QyrXOm/WLsXzg+bZQQtDVNOvqpXf6nYm52MpsqxrmN1acXPN9G+t1v+5YesL90Kxb/dm4lJLqFdKMPniJrfvaVQLQg5NVmRd8gDq6/5eeZvgczzO35e7n4jTCmInQriKk1FWd8D1Y=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1612183363;
 h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
	bh=ZIdTg6bA6ytt4UUtgwGbfBzWqLmrULzPUN+gLKRtCN4=;
	b=hqqz/NsB4JjIsPbwwqT6jaVnMovVXQK9OnaQ95WbUK0VXGoxvCKVFcXs64X60CSV2/TufZSbnvh1Rv/BaBM0Rm96MMfO6vi6a+uJZmeIBgr10F52G2Ij61x3pWPt65xwRxH7+HyzkQeJnlFPOLg0dRkigNXfXKxeP45NuWhvdAg=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=pass header.from=<twiederh@redhat.com> (p=none dis=none)
 header.from=<twiederh@redhat.com>
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com
	with SMTPS id 1612183363212631.4738544960841;
 Mon, 1 Feb 2021 04:42:43 -0800 (PST)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-589-_mVtAxmoN-aFrzHc0_-2KQ-1; Mon, 01 Feb 2021 07:42:39 -0500
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
 [10.5.11.12])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 9CD20801AE2;
	Mon,  1 Feb 2021 12:42:33 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 793B760C5F;
	Mon,  1 Feb 2021 12:42:33 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 414D71809C9F;
	Mon,  1 Feb 2021 12:42:33 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com
	[10.5.11.15])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id 111CgIeQ014693 for <libvir-list@listman.util.phx.redhat.com>;
	Mon, 1 Feb 2021 07:42:18 -0500
Received: by smtp.corp.redhat.com (Postfix)
	id 7A0E45D756; Mon,  1 Feb 2021 12:42:18 +0000 (UTC)
Received: from work.redhat.com (ovpn-113-167.ams2.redhat.com [10.36.113.167])
	by smtp.corp.redhat.com (Postfix) with ESMTP id AA94E5D749;
	Mon,  1 Feb 2021 12:42:17 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1612183362;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post;
	bh=ZIdTg6bA6ytt4UUtgwGbfBzWqLmrULzPUN+gLKRtCN4=;
	b=bzzJszXjKdZk9vvHBnnpU2bnXvDr6WOUy1PaHxHQfQ5SuLo/9ksRSiM3DQXOJqfSJsiCxl
	FweJecwpyPb5S/K95yI+kS3+U1kRvotYAtonUqdEAmPA25VCigEYA2mYGzT3ZN0dJW49ml
	09taWTcDetn8w83bD/3pzzEOXXASBoc=
X-MC-Unique: _mVtAxmoN-aFrzHc0_-2KQ-1
From: Tim Wiederhake <twiederh@redhat.com>
To: libvir-list@redhat.com
Subject: [libvirt PATCH v2 05/10] Replace bzero() with memset()
Date: Mon,  1 Feb 2021 13:42:02 +0100
Message-Id: <20210201124207.148709-6-twiederh@redhat.com>
In-Reply-To: <20210201124207.148709-1-twiederh@redhat.com>
References: <20210201124207.148709-1-twiederh@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15
X-loop: libvir-list@redhat.com
Cc: Tim Wiederhake <twiederh@redhat.com>
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @redhat.com)
Content-Type: text/plain; charset="utf-8"

This was found by clang-tidy's
"clang-analyzer-security.insecureAPI.bzero" check.

bzero is marked as deprecated ("LEGACY") in POSIX.1-2001 and
removed in POSIX.1-2008.

Besides its deprecation, bzero can be unsafe to use under certain
circumstances, e.g. when used to zero-out memory containing secrects.
These calls can be optimized away by the compiler, if it concludes no
further access happens to the memory, thus leaving the secrets still
in memory. Hence its classification as "insecureAPI".

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>
---
 src/util/virarptable.c | 2 +-
 tests/virpcimock.c     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/util/virarptable.c b/src/util/virarptable.c
index d62de5e3dd..dac3486470 100644
--- a/src/util/virarptable.c
+++ b/src/util/virarptable.c
@@ -120,7 +120,7 @@ virArpTableGet(void)
             table->n =3D num + 1;
=20
             addr =3D RTA_DATA(tb[NDA_DST]);
-            bzero(&virAddr, sizeof(virAddr));
+            memset(&virAddr, 0, sizeof(virAddr));
             virAddr.len =3D sizeof(virAddr.data.inet4);
             virAddr.data.inet4.sin_family =3D AF_INET;
             virAddr.data.inet4.sin_addr =3D *(struct in_addr *)addr;
diff --git a/tests/virpcimock.c b/tests/virpcimock.c
index 4aa96cae08..f6280fc8b5 100644
--- a/tests/virpcimock.c
+++ b/tests/virpcimock.c
@@ -233,7 +233,7 @@ pci_read_file(const char *path,
     if ((fd =3D real_open(newpath, O_RDWR)) < 0)
         goto cleanup;
=20
-    bzero(buf, buf_size);
+    memset(buf, 0, buf_size);
     if (saferead(fd, buf, buf_size - 1) < 0) {
         STDERR("Unable to read from %s", newpath);
         goto cleanup;
--=20
2.26.2