From f5112fa48754b33aa46c1bf79e11cf400d5084a8 Mon Sep 17 00:00:00 2001
From: Sebastian Hahn <sebastian@torproject.org>
Date: Mon, 22 Feb 2010 11:39:29 +0100
Subject: Zero a cipher completely before freeing it

We used to only zero the first ptrsize bytes of the cipher. Since
cipher is large enough, we didn't zero too many bytes. Discovered
and fixed by ekir. Fixes bug 1254.
---
 src/common/aes.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/common/aes.c')

diff --git a/src/common/aes.c b/src/common/aes.c
index 451c31f02a..eb7f8fe3fc 100644
--- a/src/common/aes.c
+++ b/src/common/aes.c
@@ -268,7 +268,7 @@ aes_free_cipher(aes_cnt_cipher_t *cipher)
 #ifdef USE_OPENSSL_EVP
   EVP_CIPHER_CTX_cleanup(&cipher->key);
 #endif
-  memset(cipher, 0, sizeof(cipher));
+  memset(cipher, 0, sizeof(aes_cnt_cipher_t));
   tor_free(cipher);
 }
 
-- 
cgit v1.2.3-54-g00ecf