Commit ea876ab0 authored by Nick Mathewson's avatar Nick Mathewson 🎨
Browse files

Wipe address strings from connections before freeing them them.

This is a defense-in-depth fix; closes 6198.
parent 5b9508c9
o Minor features (defense in depth):
- Wipe more data from connection address fields before returning them to
the memory heap. Closes ticket 6198.
...@@ -637,7 +637,7 @@ connection_free_minimal(connection_t *conn) ...@@ -637,7 +637,7 @@ connection_free_minimal(connection_t *conn)
} }
} }
tor_free(conn->address); tor_str_wipe_and_free(conn->address);
if (connection_speaks_cells(conn)) { if (connection_speaks_cells(conn)) {
or_connection_t *or_conn = TO_OR_CONN(conn); or_connection_t *or_conn = TO_OR_CONN(conn);
...@@ -657,7 +657,7 @@ connection_free_minimal(connection_t *conn) ...@@ -657,7 +657,7 @@ connection_free_minimal(connection_t *conn)
} }
or_handshake_state_free(or_conn->handshake_state); or_handshake_state_free(or_conn->handshake_state);
or_conn->handshake_state = NULL; or_conn->handshake_state = NULL;
tor_free(or_conn->nickname); tor_str_wipe_and_free(or_conn->nickname);
if (or_conn->chan) { if (or_conn->chan) {
/* Owww, this shouldn't happen, but... */ /* Owww, this shouldn't happen, but... */
channel_t *base_chan = TLS_CHAN_TO_BASE(or_conn->chan); channel_t *base_chan = TLS_CHAN_TO_BASE(or_conn->chan);
...@@ -677,8 +677,8 @@ connection_free_minimal(connection_t *conn) ...@@ -677,8 +677,8 @@ connection_free_minimal(connection_t *conn)
} }
if (conn->type == CONN_TYPE_AP) { if (conn->type == CONN_TYPE_AP) {
entry_connection_t *entry_conn = TO_ENTRY_CONN(conn); entry_connection_t *entry_conn = TO_ENTRY_CONN(conn);
tor_free(entry_conn->chosen_exit_name); tor_str_wipe_and_free(entry_conn->chosen_exit_name);
tor_free(entry_conn->original_dest_address); tor_str_wipe_and_free(entry_conn->original_dest_address);
if (entry_conn->socks_request) if (entry_conn->socks_request)
socks_request_free(entry_conn->socks_request); socks_request_free(entry_conn->socks_request);
if (entry_conn->pending_optimistic_data) { if (entry_conn->pending_optimistic_data) {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment