commit ff9ba7d6c4ba7072b9a96d527959350ef90406b3 Author: Nick Mathewson nickm@torproject.org Date: Tue Apr 9 11:10:26 2019 -0400
expand CMD_FL_WIPE to wipe the parsed arguments too --- src/feature/control/control_cmd.c | 22 ++++++++++++++++++++++ src/feature/control/control_cmd.h | 1 + 2 files changed, 23 insertions(+)
diff --git a/src/feature/control/control_cmd.c b/src/feature/control/control_cmd.c index c3863c646..7a9af19cd 100644 --- a/src/feature/control/control_cmd.c +++ b/src/feature/control/control_cmd.c @@ -81,6 +81,24 @@ control_cmd_args_free_(control_cmd_args_t *args) tor_free(args); }
+/** Erase all memory held in <b>args</b>. */ +void +control_cmd_args_wipe(control_cmd_args_t *args) +{ + if (!args) + return; + + if (args->args) { + SMARTLIST_FOREACH(args->args, char *, c, memwipe(c, 0, strlen(c))); + } + for (config_line_t *line = args->kwargs; line; line = line->next) { + memwipe(line->key, 0, strlen(line->key)); + memwipe(line->value, 0, strlen(line->value)); + } + if (args->object) + memwipe(args->object, 0, args->object_len); +} + /** * Return true iff any element of the NULL-terminated <b>array</b> matches * <b>kwd</b>. Case-insensitive. @@ -2328,6 +2346,10 @@ handle_single_control_command(const control_cmd_def_t *def, tor_free(err); if (def->handler(conn, parsed_args)) rv = 0; + + if (def->flags & CMD_FL_WIPE) + control_cmd_args_wipe(parsed_args); + control_cmd_args_free(parsed_args); }
diff --git a/src/feature/control/control_cmd.h b/src/feature/control/control_cmd.h index b825d6da5..986718887 100644 --- a/src/feature/control/control_cmd.h +++ b/src/feature/control/control_cmd.h @@ -21,6 +21,7 @@ void control_cmd_free_all(void);
typedef struct control_cmd_args_t control_cmd_args_t; void control_cmd_args_free_(control_cmd_args_t *args); +void control_cmd_args_wipe(control_cmd_args_t *args);
#define control_cmd_args_free(v) \ FREE_AND_NULL(control_cmd_args_t, control_cmd_args_free_, (v))