diff options
| author | Sebastian Hahn <sebastian@torproject.org> | 2010-02-22 11:39:29 +0100 |
|---|---|---|
| committer | Sebastian Hahn <sebastian@torproject.org> | 2010-02-22 11:41:39 +0100 |
| commit | f5112fa48754b33aa46c1bf79e11cf400d5084a8 (patch) | |
| tree | 78ccf646386137d5e18037e1de4b318eb20f5d64 | |
| parent | a7e0b2d6d9f7aaca005d267af6950abe4dd74d89 (diff) | |
| download | tor-f5112fa48754b33aa46c1bf79e11cf400d5084a8.tar.gz tor-f5112fa48754b33aa46c1bf79e11cf400d5084a8.zip | |
Zero a cipher completely before freeing it
We used to only zero the first ptrsize bytes of the cipher. Since
cipher is large enough, we didn't zero too many bytes. Discovered
and fixed by ekir. Fixes bug 1254.
| -rw-r--r-- | ChangeLog | 3 | ||||
| -rw-r--r-- | src/common/aes.c | 2 |
2 files changed, 4 insertions, 1 deletions
@@ -45,6 +45,9 @@ Changes in version 0.2.2.9-alpha - 2010-02-22 - Fix a spec conformance issue: the network-status-version token must be the first token in a v3 consensus or vote. Discovered by parakeep. Bugfix on 0.2.0.3-alpha. + - When freeing a cipher, zero it out completely. We only zeroed + the first ptrsize bytes. Bugfix on tor-0.0.2pre8. Discovered + and patched by ekir. Fixes bug 1254. o Code simplifications and refactoring: - Generate our manpage and HTML documentation using Asciidoc. This diff --git a/src/common/aes.c b/src/common/aes.c index 451c31f02a..eb7f8fe3fc 100644 --- a/src/common/aes.c +++ b/src/common/aes.c @@ -268,7 +268,7 @@ aes_free_cipher(aes_cnt_cipher_t *cipher) #ifdef USE_OPENSSL_EVP EVP_CIPHER_CTX_cleanup(&cipher->key); #endif - memset(cipher, 0, sizeof(cipher)); + memset(cipher, 0, sizeof(aes_cnt_cipher_t)); tor_free(cipher); } |