Replace bzero() with memset()

This was found by clang-tidy's
"clang-analyzer-security.insecureAPI.bzero" check.

bzero is marked as deprecated ("LEGACY") in POSIX.1-2001 and
removed in POSIX.1-2008.

Besides its deprecation, bzero can be unsafe to use under certain
circumstances, e.g. when used to zero-out memory containing secrects.
These calls can be optimized away by the compiler, if it concludes no
further access happens to the memory, thus leaving the secrets still
in memory. Hence its classification as "insecureAPI".

Signed-off-by: Tim Wiederhake <twiederh@redhat.com>
Reviewed-by: Peter Krempa <pkrempa@redhat.com>

src/util/virarptable.c

@@ -120,7 +120,7 @@ virArpTableGet(void)
             table->n = num + 1;
 
             addr = RTA_DATA(tb[NDA_DST]);
-            bzero(&virAddr, sizeof(virAddr));
+            memset(&virAddr, 0, sizeof(virAddr));
             virAddr.len = sizeof(virAddr.data.inet4);
             virAddr.data.inet4.sin_family = AF_INET;
             virAddr.data.inet4.sin_addr = *(struct in_addr *)addr;

tests/virpcimock.c

@@ -233,7 +233,7 @@ pci_read_file(const char *path,
     if ((fd = real_open(newpath, O_RDWR)) < 0)
         goto cleanup;
 
-    bzero(buf, buf_size);
+    memset(buf, 0, buf_size);
     if (saferead(fd, buf, buf_size - 1) < 0) {
         STDERR("Unable to read from %s", newpath);
         goto cleanup;