[tor-commits] [tor/master] Clear socks auth fields before free
nickm at torproject.org
nickm at torproject.org
Sat Aug 6 00:21:57 UTC 2011
commit 413574ad388d1f5bb756e818beb5ea9837b03bc3
Author: Nick Mathewson <nickm at torproject.org>
Date: Fri Aug 5 19:07:33 2011 -0400
Clear socks auth fields before free
---
src/or/buffers.c | 10 ++++++++--
src/or/circuitlist.c | 10 ++++++++--
src/or/connection_edge.c | 10 ++++++++--
3 files changed, 24 insertions(+), 6 deletions(-)
diff --git a/src/or/buffers.c b/src/or/buffers.c
index 5b9e55e..488289c 100644
--- a/src/or/buffers.c
+++ b/src/or/buffers.c
@@ -1532,8 +1532,14 @@ socks_request_free(socks_request_t *req)
{
if (!req)
return;
- tor_free(req->username);
- tor_free(req->password);
+ if (req->username) {
+ memset(req->username, 0x10, req->usernamelen);
+ tor_free(req->username);
+ }
+ if (req->password) {
+ memset(req->password, 0x04, req->passwordlen);
+ tor_free(req->password);
+ }
memset(req, 0xCC, sizeof(socks_request_t));
tor_free(req);
}
diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c
index 48c5afc..2222a25 100644
--- a/src/or/circuitlist.c
+++ b/src/or/circuitlist.c
@@ -552,8 +552,14 @@ circuit_free(circuit_t *circ)
rend_data_free(ocirc->rend_data);
tor_free(ocirc->dest_address);
- tor_free(ocirc->socks_username);
- tor_free(ocirc->socks_password);
+ if (ocirc->socks_username) {
+ memset(ocirc->socks_username, 0x12, ocirc->socks_username_len);
+ tor_free(ocirc->socks_username);
+ }
+ if (ocirc->socks_password) {
+ memset(ocirc->socks_password, 0x06, ocirc->socks_password_len);
+ tor_free(ocirc->socks_password);
+ }
} else {
or_circuit_t *ocirc = TO_OR_CIRCUIT(circ);
/* Remember cell statistics for this circuit before deallocating. */
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 83102ba..ae2dfd2 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -3569,8 +3569,14 @@ circuit_clear_isolation(origin_circuit_t *circ)
tor_free(circ->dest_address);
circ->session_group = -1;
circ->nym_epoch = 0;
- tor_free(circ->socks_username);
- tor_free(circ->socks_password);
+ if (circ->socks_username) {
+ memset(circ->socks_username, 0x11, circ->socks_username_len);
+ tor_free(circ->socks_username);
+ }
+ if (circ->socks_password) {
+ memset(circ->socks_password, 0x05, circ->socks_password_len);
+ tor_free(circ->socks_password);
+ }
circ->socks_username_len = circ->socks_password_len = 0;
}
More information about the tor-commits
mailing list