GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Commit e1c7d12b authored by Nick Mathewson's avatar Nick Mathewson 🤹

Turn some memset()s introduced in tor 0.2.4 into memwipe()s

parent 81deddb0
......@@ -317,8 +317,8 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
circuit_mark_for_close(TO_CIRCUIT(introcirc), END_CIRC_REASON_INTERNAL);
circuit_mark_for_close(TO_CIRCUIT(rendcirc), END_CIRC_REASON_INTERNAL);
cleanup:
memset(payload, 0, sizeof(payload));
memset(tmp, 0, sizeof(tmp));
memwipe(payload, 0, sizeof(payload));
memwipe(tmp, 0, sizeof(tmp));
return status;
}
......@@ -696,7 +696,7 @@ rend_client_refetch_v2_renddesc(const rend_data_t *rend_query)
rend_client_desc_trynow(rend_query->onion_address);
done:
memset(descriptor_id, 0, sizeof(descriptor_id));
memwipe(descriptor_id, 0, sizeof(descriptor_id));
return;
}
......@@ -1281,8 +1281,8 @@ rend_parse_service_authorization(const or_options_t *options,
} else {
strmap_free(parsed, rend_service_authorization_strmap_item_free);
}
memset(descriptor_cookie_tmp, 0, sizeof(descriptor_cookie_tmp));
memset(descriptor_cookie_base64ext, 0, sizeof(descriptor_cookie_base64ext));
memwipe(descriptor_cookie_tmp, 0, sizeof(descriptor_cookie_tmp));
memwipe(descriptor_cookie_base64ext, 0, sizeof(descriptor_cookie_base64ext));
return res;
}
......@@ -161,7 +161,7 @@ rend_authorized_client_free(rend_authorized_client_t *client)
crypto_pk_free(client->client_key);
tor_strclear(client->client_name);
tor_free(client->client_name);
memset(client->descriptor_cookie, 0, sizeof(client->descriptor_cookie));
memwipe(client->descriptor_cookie, 0, sizeof(client->descriptor_cookie));
tor_free(client);
}
......@@ -699,10 +699,10 @@ rend_service_load_keys(rend_service_t *s)
tor_snprintf(buf, sizeof(buf),"%s.onion\n", s->service_id);
if (write_str_to_file(fname,buf,0)<0) {
log_warn(LD_CONFIG, "Could not write onion address to hostname file.");
memset(buf, 0, sizeof(buf));
memwipe(buf, 0, sizeof(buf));
return -1;
}
memset(buf, 0, sizeof(buf));
memwipe(buf, 0, sizeof(buf));
/* If client authorization is configured, load or generate keys. */
if (s->auth_type != REND_NO_AUTH) {
......@@ -830,13 +830,13 @@ rend_service_load_auth_keys(rend_service_t *s, const char *hfname)
* len is string length, not buffer length, but last byte is NUL
* anyway.
*/
memset(client_key_out, 0, len);
memwipe(client_key_out, 0, len);
tor_free(client_key_out);
goto err;
}
written = tor_snprintf(buf + written, sizeof(buf) - written,
"client-key\n%s", client_key_out);
memset(client_key_out, 0, len);
memwipe(client_key_out, 0, len);
tor_free(client_key_out);
if (written < 0) {
log_warn(LD_BUG, "Could not write client entry.");
......@@ -897,13 +897,13 @@ rend_service_load_auth_keys(rend_service_t *s, const char *hfname)
}
strmap_free(parsed_clients, rend_authorized_client_strmap_item_free);
memset(cfname, 0, sizeof(cfname));
memwipe(cfname, 0, sizeof(cfname));
/* Clear stack buffers that held key-derived material. */
memset(buf, 0, sizeof(buf));
memset(desc_cook_out, 0, sizeof(desc_cook_out));
memset(service_id, 0, sizeof(service_id));
memset(extended_desc_cookie, 0, sizeof(extended_desc_cookie));
memwipe(buf, 0, sizeof(buf));
memwipe(desc_cook_out, 0, sizeof(desc_cook_out));
memwipe(service_id, 0, sizeof(service_id));
memwipe(extended_desc_cookie, 0, sizeof(extended_desc_cookie));
return r;
}
......@@ -1540,7 +1540,7 @@ rend_service_free_intro(rend_intro_cell_t *request)
/* Have plaintext? */
if (request->plaintext) {
/* Zero it out just to be safe */
memset(request->plaintext, 0, request->plaintext_len);
memwipe(request->plaintext, 0, request->plaintext_len);
tor_free(request->plaintext);
request->plaintext_len = 0;
}
......@@ -1561,7 +1561,7 @@ rend_service_free_intro(rend_intro_cell_t *request)
break;
case 3:
if (request->u.v3.auth_data) {
memset(request->u.v3.auth_data, 0, request->u.v3.auth_len);
memwipe(request->u.v3.auth_data, 0, request->u.v3.auth_len);
tor_free(request->u.v3.auth_data);
}
......@@ -1577,7 +1577,7 @@ rend_service_free_intro(rend_intro_cell_t *request)
}
/* Zero it out to make sure sensitive stuff doesn't hang around in memory */
memset(request, 0, sizeof(*request));
memwipe(request, 0, sizeof(*request));
tor_free(request);
}
......@@ -2075,9 +2075,9 @@ rend_service_decrypt_intro(
else tor_free(err_msg);
/* clean up potentially sensitive material */
memset(buf, 0, sizeof(buf));
memset(key_digest, 0, sizeof(key_digest));
memset(service_id, 0, sizeof(service_id));
memwipe(buf, 0, sizeof(buf));
memwipe(key_digest, 0, sizeof(key_digest));
memwipe(service_id, 0, sizeof(service_id));
return status;
}
......@@ -2513,9 +2513,9 @@ rend_service_intro_has_opened(origin_circuit_t *circuit)
err:
circuit_mark_for_close(TO_CIRCUIT(circuit), reason);
done:
memset(buf, 0, sizeof(buf));
memset(auth, 0, sizeof(auth));
memset(serviceid, 0, sizeof(serviceid));
memwipe(buf, 0, sizeof(buf));
memwipe(auth, 0, sizeof(auth));
memwipe(serviceid, 0, sizeof(serviceid));
return;
}
......@@ -2665,9 +2665,9 @@ rend_service_rendezvous_has_opened(origin_circuit_t *circuit)
err:
circuit_mark_for_close(TO_CIRCUIT(circuit), reason);
done:
memset(buf, 0, sizeof(buf));
memset(serviceid, 0, sizeof(serviceid));
memset(hexcookie, 0, sizeof(hexcookie));
memwipe(buf, 0, sizeof(buf));
memwipe(serviceid, 0, sizeof(serviceid));
memwipe(hexcookie, 0, sizeof(hexcookie));
return;
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment