Zero a cipher completely before freeing it

We used to only zero the first ptrsize bytes of the cipher. Since
cipher is large enough, we didn't zero too many bytes. Discovered
and fixed by ekir. Fixes bug 1254.

diff --git a/ChangeLog b/ChangeLog
index be7b30b18247da44cf1ebd02be0a4aa92c84070c..64a21a1ba5e6ed9e969dc0b4b15bf62e1a7a7958 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -45,6 +45,9 @@ Changes in version 0.2.2.9-alpha - 2010-02-22
     - Fix a spec conformance issue: the network-status-version token
       must be the first token in a v3 consensus or vote. Discovered by
       parakeep. Bugfix on 0.2.0.3-alpha.
+    - When freeing a cipher, zero it out completely. We only zeroed
+      the first ptrsize bytes. Bugfix on tor-0.0.2pre8. Discovered
+      and patched by ekir. Fixes bug 1254.
 
   o Code simplifications and refactoring:
     - Generate our manpage and HTML documentation using Asciidoc. This

diff --git a/src/common/aes.c b/src/common/aes.c
index 451c31f02a3bb744eab0df7a6e98592bed9166da..eb7f8fe3fcf834d0aaac7446e3c70fc93c57e68c 100644 (file)
--- a/src/common/aes.c
+++ b/src/common/aes.c
@@ -268,7 +268,7 @@ aes_free_cipher(aes_cnt_cipher_t *cipher)
 #ifdef USE_OPENSSL_EVP
   EVP_CIPHER_CTX_cleanup(&cipher->key);
 #endif
-  memset(cipher, 0, sizeof(cipher));
+  memset(cipher, 0, sizeof(aes_cnt_cipher_t));
   tor_free(cipher);
 }