safe_mem.h: fix secure_erase macro

c-programming/mem/safe_mem.h

@@ -12,6 +12,8 @@
 
 #include <stdlib.h>
 
+typedef unsigned char byte;
+
 #define SAFE_FREE_ERROR_HOOK /* user-defined */
 
 #define safe_free(ptr) do {                                                   \
@@ -24,7 +26,7 @@
 
 #define precise_malloc(nmemb, size)                                           \
     /* prevents incorrect casting */                                          \
-    malloc((size_t) nmemb * (size_t) size)
+    malloc((size_t) (nmemb) * (size_t) (size))
 
 /* secure_erase(dest, count): erases memory explicitly */
 #ifdef __FreeBSD__
@@ -44,24 +46,16 @@
 # define SECURE_ERASE_WARRANTY "C11+: memset_s"
 
 # include <string.h>
-# define secure_erase(dest, count) memset_s(dest, count, 0, count)
+# define secure_erase(dest, count) memset_s((dest), (count), 0, (count))
 #else
 # define NO_SECURE_ERASE_WARRANTY 1
 
 # include <string.h>
 
-# define __observe__(ptr) do {                                                \
-    if (*ptr == 0) {                                                          \
-        ++(*ptr);                                                             \
-        fprintf(stderr, "");                                                  \
-    } else                                                                    \
-        --(*ptr);                                                             \
-} while (0)
-
 # define secure_erase(dest, count) do {                                       \
-    memset(dest, 0, count);                                                   \
+    uintptr_t max = (uintptr_t) ((count) / sizeof(byte));                     \
-    for (size_t i = 0; i < count; i++)                                        \
+    for (size_t i = 0; i < max; i++)                                          \
-        __observe__(dest[i]);                                                 \
+        *((byte*) (dest) + i) = 0;                                            \
 } while (0)
 #endif