From: Nick Mathewson <nickm@torproject.org>
Date: Wed, 14 Sep 2016 14:58:00 +0000 (-0400)
Subject: Fix a bogus memwipe length in rend_service_load_auth_keys().
X-Git-Tag: tor-0.2.9.3-alpha~27
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=425f5e6d40d756dabef4354fec562c6de2c56efd;p=thirdparty%2Ftor.git

Fix a bogus memwipe length in rend_service_load_auth_keys().

Bugfix on a4f46ff8ba43b1e635bc5a8543b9354e6de02e14. Found by Coverity.
---

diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index 4f7d7aa726..114a56b74e 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -1490,7 +1490,7 @@ rend_service_load_auth_keys(rend_service_t *s, const char *hfname)
   strmap_free(parsed_clients, rend_authorized_client_strmap_item_free);
 
   if (cfname) {
-    memwipe(cfname, 0, sizeof(cfname));
+    memwipe(cfname, 0, strlen(cfname));
     tor_free(cfname);
   }