From: Nick Mathewson Date: Tue, 9 Apr 2019 15:10:26 +0000 (-0400) Subject: expand CMD_FL_WIPE to wipe the parsed arguments too X-Git-Tag: tor-0.4.1.1-alpha~49^2~3 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ff9ba7d6c4ba7072b9a96d527959350ef90406b3;p=thirdparty%2Ftor.git expand CMD_FL_WIPE to wipe the parsed arguments too --- diff --git a/src/feature/control/control_cmd.c b/src/feature/control/control_cmd.c index c3863c6461..7a9af19cd0 100644 --- a/src/feature/control/control_cmd.c +++ b/src/feature/control/control_cmd.c @@ -81,6 +81,24 @@ control_cmd_args_free_(control_cmd_args_t *args) tor_free(args); } +/** Erase all memory held in args. */ +void +control_cmd_args_wipe(control_cmd_args_t *args) +{ + if (!args) + return; + + if (args->args) { + SMARTLIST_FOREACH(args->args, char *, c, memwipe(c, 0, strlen(c))); + } + for (config_line_t *line = args->kwargs; line; line = line->next) { + memwipe(line->key, 0, strlen(line->key)); + memwipe(line->value, 0, strlen(line->value)); + } + if (args->object) + memwipe(args->object, 0, args->object_len); +} + /** * Return true iff any element of the NULL-terminated array matches * kwd. Case-insensitive. @@ -2328,6 +2346,10 @@ handle_single_control_command(const control_cmd_def_t *def, tor_free(err); if (def->handler(conn, parsed_args)) rv = 0; + + if (def->flags & CMD_FL_WIPE) + control_cmd_args_wipe(parsed_args); + control_cmd_args_free(parsed_args); } diff --git a/src/feature/control/control_cmd.h b/src/feature/control/control_cmd.h index b825d6da5c..986718887c 100644 --- a/src/feature/control/control_cmd.h +++ b/src/feature/control/control_cmd.h @@ -21,6 +21,7 @@ void control_cmd_free_all(void); typedef struct control_cmd_args_t control_cmd_args_t; void control_cmd_args_free_(control_cmd_args_t *args); +void control_cmd_args_wipe(control_cmd_args_t *args); #define control_cmd_args_free(v) \ FREE_AND_NULL(control_cmd_args_t, control_cmd_args_free_, (v))