[tor-commits] [tor/master] expand CMD_FL_WIPE to wipe the parsed arguments too

dgoulet at torproject.org dgoulet at torproject.org
Tue Apr 30 15:57:51 UTC 2019 

commit ff9ba7d6c4ba7072b9a96d527959350ef90406b3
Author: Nick Mathewson <nickm at torproject.org>
Date:   Tue Apr 9 11:10:26 2019 -0400

    expand CMD_FL_WIPE to wipe the parsed arguments too
---
 src/feature/control/control_cmd.c | 22 ++++++++++++++++++++++
 src/feature/control/control_cmd.h |  1 +
 2 files changed, 23 insertions(+)

diff --git a/src/feature/control/control_cmd.c b/src/feature/control/control_cmd.c
index c3863c646..7a9af19cd 100644
--- a/src/feature/control/control_cmd.c
+++ b/src/feature/control/control_cmd.c
@@ -81,6 +81,24 @@ control_cmd_args_free_(control_cmd_args_t *args)
   tor_free(args);
 }
 
+/** Erase all memory held in <b>args</b>. */
+void
+control_cmd_args_wipe(control_cmd_args_t *args)
+{
+  if (!args)
+    return;
+
+  if (args->args) {
+    SMARTLIST_FOREACH(args->args, char *, c, memwipe(c, 0, strlen(c)));
+  }
+  for (config_line_t *line = args->kwargs; line; line = line->next) {
+    memwipe(line->key, 0, strlen(line->key));
+    memwipe(line->value, 0, strlen(line->value));
+  }
+  if (args->object)
+    memwipe(args->object, 0, args->object_len);
+}
+
 /**
  * Return true iff any element of the NULL-terminated <b>array</b> matches
  * <b>kwd</b>. Case-insensitive.
@@ -2328,6 +2346,10 @@ handle_single_control_command(const control_cmd_def_t *def,
       tor_free(err);
     if (def->handler(conn, parsed_args))
       rv = 0;
+
+    if (def->flags & CMD_FL_WIPE)
+      control_cmd_args_wipe(parsed_args);
+
     control_cmd_args_free(parsed_args);
   }
 
diff --git a/src/feature/control/control_cmd.h b/src/feature/control/control_cmd.h
index b825d6da5..986718887 100644
--- a/src/feature/control/control_cmd.h
+++ b/src/feature/control/control_cmd.h
@@ -21,6 +21,7 @@ void control_cmd_free_all(void);
 
 typedef struct control_cmd_args_t control_cmd_args_t;
 void control_cmd_args_free_(control_cmd_args_t *args);
+void control_cmd_args_wipe(control_cmd_args_t *args);
 
 #define control_cmd_args_free(v) \
   FREE_AND_NULL(control_cmd_args_t, control_cmd_args_free_, (v))

More information about the tor-commits mailing list