Jinoh Kang (@iamahuman) commented about dlls/ntdll/unix/system.c:
close( fd ); } }
+static void derive_machineid_to_uuid( GUID *uuid ) +{ + static unsigned char wine_uuid[16] = { 0xe8, 0x65, 0x52, 0x8d, 0x0a, 0xa2, 0x45, 0x27, + 0xa8, 0x3b, 0x15, 0xed, 0x41, 0xb5, 0xd0, 0x91 }; + GUID machine_uuid; + unsigned char out256[32]; /* returning first 128 bits only */ + + read_machine_id( &machine_uuid ); + + hmac_sha256( wine_uuid, sizeof(wine_uuid), (const unsigned char *)&machine_uuid, sizeof(machine_uuid), out256 ); + + memset( &machine_uuid, 0, sizeof(machine_uuid) );
This write is unused and will be optimized out by the compiler. Are you looking for something like [`explicit_bzero(3)`](https://man7.org/linux/man-pages/man3/bzero.3.html)? In that case, why is machine UUID considered sensitive enough to warrant erasure? -- https://gitlab.winehq.org/wine/wine/-/merge_requests/4108#note_49546