[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #5137 [Obfsproxy]: crypt_free() might not zero enough?

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #5137 [Obfsproxy]: crypt_free() might not zero enough?
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Tue, 14 Feb 2012 23:13:43 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 14 Feb 2012 18:13:54 -0500
In-reply-to: <049.36e2c6c1eb204c9ed27a940b5255c982@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <049.36e2c6c1eb204c9ed27a940b5255c982@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#5137: crypt_free() might not zero enough?
-----------------------+----------------------------------------------------
 Reporter:  Sebastian  |          Owner:  asn         
     Type:  defect     |         Status:  needs_review
 Priority:  normal     |      Milestone:              
Component:  Obfsproxy  |        Version:              
 Keywords:             |         Parent:              
   Points:             |   Actualpoints:              
-----------------------+----------------------------------------------------
Changes (by Sebastian):

  * status:  new => needs_review


Comment:

 Branch bug5137 in my repository has the fix.

 ioerror points out that just zeroing might not be enough as the compiler
 could optimize that out, we'd need to overwrite it with stuff and then do
 something with it. But that seems like a more general thing, that could
 also affect tor?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5137#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #5137 [Obfsproxy]: crypt_free() might not zero enough?
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #5136 [Tor Bridge]: âRegistered server transport ...â should not be a warning
Next by Author: Re: [tor-bugs] #5132 [Translations]: Transifex exports empty android strings
Previous by thread: [tor-bugs] #5137 [Obfsproxy]: crypt_free() might not zero enough?
Next by thread: Re: [tor-bugs] #5137 [Obfsproxy]: crypt_free() might not zero enough?
Index(es):
- Author
- Thread