Opened 8 years ago

Closed 8 years ago

#5137 closed defect (fixed)

crypt_free() might not zero enough?

Reported by: Sebastian Owned by: asn
Priority: Medium Milestone:
Component: Archived/Obfsproxy Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

I think there's a bug where we only zero ptrsize bytes, rather than the entire thing.

Child Tickets

Change History (2)

comment:1 Changed 8 years ago by Sebastian

Status: newneeds_review

Branch bug5137 in my repository has the fix.

ioerror points out that just zeroing might not be enough as the compiler could optimize that out, we'd need to overwrite it with stuff and then do something with it. But that seems like a more general thing, that could also affect tor?

comment:2 Changed 8 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Merged the patch.

In practice, I don't believe any compilers currently optimize out memset before free. If we find one, we should yell and cuss and invent a memset-that-works function.

Note: See TracTickets for help on using tickets.