[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #7352 [Tor]: make defense-in-depth memsets work in spite of compilers
#7352: make defense-in-depth memsets work in spite of compilers
--------------------------+-------------------------------------------------
Reporter: nickm_mobile | Owner:
Type: defect | Status: needs_review
Priority: major | Milestone: Tor: 0.2.4.x-final
Component: Tor | Version:
Keywords: tor-relay | Parent:
Points: | Actualpoints:
--------------------------+-------------------------------------------------
Comment(by nickm):
To be specific, when this lands in 0.2.4 we should start looking for
faster alternatives to OPENSSL_cleanse(). This are likely to be less
portable. We should also grep for all the new memset() instances in
0.2.4.
I used memwipe() here not only on stack-allocated stuff that was about to
go out-of-scope, but also on heap-allocated stuff that we were about to
get freed, since I bet that somebody out there optimizes those out too, or
will eventually.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7352#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs