Opened 5 years ago

Closed 5 years ago

Last modified 2 years ago

#2384 closed defect (fixed)

crypto.c: zero out sensitive data before freeing it

Reported by: cypherpunks Owned by:
Priority: normal Milestone:
Component: Tor Version:
Keywords: tor-relay Cc:
Actual Points: Parent ID:
Points:

Description

  1. crypto_pk_read_private_key_from_filename(): tor_free(contents)
  2. crypto_pk_write_private_key_to_filename(): tor_free(s)
  3. crypto_dh_compute_secret(): tor_free(secret_tmp)

Child Tickets

Change History (7)

comment:1 Changed 5 years ago by nickm

  • Milestone set to Tor: 0.2.1.x-final

comment:2 Changed 5 years ago by nickm

  • Status changed from new to needs_review

Fixed in branch bug2384, I hope.

comment:3 Changed 5 years ago by arma

a42adfbf43025d looks fine.

I have not audited to see if we're missing anything, but what we did shouldn't (ha) break anything.

comment:4 Changed 5 years ago by nickm

  • Resolution set to fixed
  • Status changed from needs_review to closed

merged

comment:5 Changed 3 years ago by nickm

  • Keywords tor-relay added

comment:6 Changed 3 years ago by nickm

  • Component changed from Tor Relay to Tor

comment:7 Changed 2 years ago by nickm

  • Milestone Tor: 0.2.1.x-final deleted

Milestone Tor: 0.2.1.x-final deleted

Note: See TracTickets for help on using tickets.