[or-cvs] [tor/master 1/4] Zero a cipher completely before freeing it
nickm at torproject.org
nickm at torproject.org
Sat Feb 27 20:34:37 UTC 2010
Author: Sebastian Hahn <sebastian at torproject.org>
Date: Mon, 22 Feb 2010 11:39:29 +0100
Subject: Zero a cipher completely before freeing it
Commit: a9802d3322f14e9649cbec354ffcf7e1cf266494
We used to only zero the first ptrsize bytes of the cipher. Since
cipher is large enough, we didn't zero too many bytes. Discovered
and fixed by ekir. Fixes bug 1254.
---
ChangeLog | 6 ++++++
src/common/aes.c | 2 +-
2 files changed, 7 insertions(+), 1 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 224b08e..24b0cc6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+Changes in version 0.2.1.25 - 2010-??-??
+ o Major bugfixes:
+ - When freeing a cipher, zero it out completely. We only zeroed
+ the first ptrsize bytes. Bugfix on tor-0.0.2pre8. Discovered
+ and patched by ekir. Fixes bug 1254.
+
Changes in version 0.2.1.24 - 2010-02-21
Tor 0.2.1.24 makes Tor work again on the latest OS X -- this time
for sure!
diff --git a/src/common/aes.c b/src/common/aes.c
index e076656..2249889 100644
--- a/src/common/aes.c
+++ b/src/common/aes.c
@@ -267,7 +267,7 @@ aes_free_cipher(aes_cnt_cipher_t *cipher)
#ifdef USE_OPENSSL_EVP
EVP_CIPHER_CTX_cleanup(&cipher->key);
#endif
- memset(cipher, 0, sizeof(cipher));
+ memset(cipher, 0, sizeof(aes_cnt_cipher_t));
tor_free(cipher);
}
--
1.6.5
More information about the tor-commits
mailing list