[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] [tor/master 4/7] Zero a cipher completely before freeing it
Author: Sebastian Hahn <sebastian@xxxxxxxxxxxxxx>
Date: Mon, 22 Feb 2010 11:39:29 +0100
Subject: Zero a cipher completely before freeing it
Commit: f5112fa48754b33aa46c1bf79e11cf400d5084a8
We used to only zero the first ptrsize bytes of the cipher. Since
cipher is large enough, we didn't zero too many bytes. Discovered
and fixed by ekir. Fixes bug 1254.
---
ChangeLog | 3 +++
src/common/aes.c | 2 +-
2 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index be7b30b..64a21a1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -45,6 +45,9 @@ Changes in version 0.2.2.9-alpha - 2010-02-22
- Fix a spec conformance issue: the network-status-version token
must be the first token in a v3 consensus or vote. Discovered by
parakeep. Bugfix on 0.2.0.3-alpha.
+ - When freeing a cipher, zero it out completely. We only zeroed
+ the first ptrsize bytes. Bugfix on tor-0.0.2pre8. Discovered
+ and patched by ekir. Fixes bug 1254.
o Code simplifications and refactoring:
- Generate our manpage and HTML documentation using Asciidoc. This
diff --git a/src/common/aes.c b/src/common/aes.c
index 451c31f..eb7f8fe 100644
--- a/src/common/aes.c
+++ b/src/common/aes.c
@@ -268,7 +268,7 @@ aes_free_cipher(aes_cnt_cipher_t *cipher)
#ifdef USE_OPENSSL_EVP
EVP_CIPHER_CTX_cleanup(&cipher->key);
#endif
- memset(cipher, 0, sizeof(cipher));
+ memset(cipher, 0, sizeof(aes_cnt_cipher_t));
tor_free(cipher);
}
--
1.6.5