Commit ef6fa07e authored by Nick Mathewson's avatar Nick Mathewson 🦀

Fix a couple of non-cleared key issues in hidden services

we need to do more hunting, but this fixes the ones mentioned in 2385.
parent 9b09627e
+2 −1
  o Minor bugfixes
    - Zero out a few more keys in memory before freeing them.  Fixes bug
      2384.  Found by cypherpunks.  Bugfix on 0.0.2pre9.
      2384 and part of bug 2385.  These key instances found by
      "cypherpunks".  Bugfix on 0.0.2pre9.

+2 −0
@@ -717,8 +717,10 @@ rend_client_receive_rendezvous(origin_circuit_t *circ, const uint8_t *request,
   * attach only the connections that are waiting on this circuit, rather
   * than trying to attach them all. See comments bug 743. */
  connection_ap_attach_pending();
  memset(keys, 0, sizeof(keys));
  return 0;
 err:
  memset(keys, 0, sizeof(keys));
  circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
  return -1;
}
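Review bot: The two added `memset(keys, 0, sizeof(keys));` calls sit immediately before a `return`, and `keys` appears to be a local array (its declaration is outside the hunk), so an optimizing compiler is allowed to treat them as dead stores and drop them. The same applies to the pair added in the rend_service_introduce hunk. The wipe should go through a routine the compiler cannot elide, for example `explicit_bzero(keys, sizeof(keys));` where the platform provides it, or a project-wide wrapper that writes through a volatile pointer. It is worth checking the generated code for these call sites at the project's normal optimization level to confirm the stores survive.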
+2 −0
@@ -1214,8 +1214,10 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
  memcpy(cpath->handshake_digest, keys, DIGEST_LEN);
  if (extend_info) extend_info_free(extend_info);

  memset(keys, 0, sizeof(keys));
  return 0;
 err:
  memset(keys, 0, sizeof(keys));
  if (dh) crypto_dh_free(dh);
  if (launched)
    circuit_mark_for_close(TO_CIRCUIT(launched), reason);
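Review bot: The wipe of `keys` is written out twice, once before `return 0` and once under `err:`, so it only covers exits that pass through one of those two points. The body of rend_service_introduce starts and ends outside this hunk, so whether an earlier direct `return` can run after `keys` is filled cannot be checked from here. Funnelling both outcomes through one cleanup label (set a result variable, `goto done;`, wipe once, then return it) would make the guarantee structural instead of something each new exit has to remember. Short of that, a comment at the label such as `/* keys holds derived key material: every exit after it is filled must wipe it */` would record the invariant. The same duplication is in the rend_client_receive_rendezvous hunk.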