nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-05-27 06:44:49 -05:00
Code Issues Projects Releases Wiki Activity

Found a lot of places in sshbn.c where for-loops zeroing out memory

Browse Source 
just before freeing it really ought to be smemclrs.

[originally from svn r9981]
This commit is contained in:
Simon Tatham 2013-08-02 19:51:36 +00:00
parent 493a333078
commit 55e8a268ab
1 changed files with 20 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
sshbn.c
View File

@ -815,20 +815,15 @@ Bignum modpow_simple(Bignum base_in, Bignum exp, Bignum mod)
result[0]--; result[0]--;
/* Free temporary arrays */ /* Free temporary arrays */
for (i = 0; i < 2 * mlen; i++) smemclr(a, 2 * mlen * sizeof(*a));
a[i] = 0;
sfree(a); sfree(a);
for (i = 0; i < scratchlen; i++) smemclr(scratch, scratchlen * sizeof(*scratch));
scratch[i] = 0;
sfree(scratch); sfree(scratch);
for (i = 0; i < 2 * mlen; i++) smemclr(b, 2 * mlen * sizeof(*b));
b[i] = 0;
sfree(b); sfree(b);
for (i = 0; i < mlen; i++) smemclr(m, mlen * sizeof(*m));
m[i] = 0;
sfree(m); sfree(m);
for (i = 0; i < mlen; i++) smemclr(n, mlen * sizeof(*n));
n[i] = 0;
sfree(n); sfree(n);
freebn(base); freebn(base);
@ -965,23 +960,17 @@ Bignum modpow(Bignum base_in, Bignum exp, Bignum mod)
result[0]--; result[0]--;
/* Free temporary arrays */ /* Free temporary arrays */
for (i = 0; i < scratchlen; i++) smemclr(scratch, scratchlen * sizeof(*scratch));
scratch[i] = 0;
sfree(scratch); sfree(scratch);
for (i = 0; i < 2 * len; i++) smemclr(a, 2 * len * sizeof(*a));
a[i] = 0;
sfree(a); sfree(a);
for (i = 0; i < 2 * len; i++) smemclr(b, 2 * len * sizeof(*b));
b[i] = 0;
sfree(b); sfree(b);
for (i = 0; i < len; i++) smemclr(mninv, len * sizeof(*mninv));
mninv[i] = 0;
sfree(mninv); sfree(mninv);
for (i = 0; i < len; i++) smemclr(n, len * sizeof(*n));
n[i] = 0;
sfree(n); sfree(n);
for (i = 0; i < len; i++) smemclr(x, len * sizeof(*x));
x[i] = 0;
sfree(x); sfree(x);
return result; return result;
@ -1071,20 +1060,15 @@ Bignum modmul(Bignum p, Bignum q, Bignum mod)
result[0]--; result[0]--;
/* Free temporary arrays */ /* Free temporary arrays */
for (i = 0; i < scratchlen; i++) smemclr(scratch, scratchlen * sizeof(*scratch));
scratch[i] = 0;
sfree(scratch); sfree(scratch);
for (i = 0; i < 2 * pqlen; i++) smemclr(a, 2 * pqlen * sizeof(*a));
a[i] = 0;
sfree(a); sfree(a);
for (i = 0; i < mlen; i++) smemclr(m, mlen * sizeof(*m));
m[i] = 0;
sfree(m); sfree(m);
for (i = 0; i < pqlen; i++) smemclr(n, pqlen * sizeof(*n));
n[i] = 0;
sfree(n); sfree(n);
for (i = 0; i < pqlen; i++) smemclr(o, pqlen * sizeof(*o));
o[i] = 0;
sfree(o); sfree(o);
return result; return result;
@ -1154,11 +1138,9 @@ static void bigdivmod(Bignum p, Bignum mod, Bignum result, Bignum quotient)
} }
/* Free temporary arrays */ /* Free temporary arrays */
for (i = 0; i < mlen; i++) smemclr(m, mlen * sizeof(*m));
m[i] = 0;
sfree(m); sfree(m);
for (i = 0; i < plen; i++) smemclr(n, plen * sizeof(*n));
n[i] = 0;
sfree(n); sfree(n);
} }
@ -1405,8 +1387,7 @@ Bignum bigmuladd(Bignum a, Bignum b, Bignum addend)
} }
ret[0] = maxspot; ret[0] = maxspot;
for (i = 0; i < wslen; i++) smemclr(workspace, wslen * sizeof(*workspace));
workspace[i] = 0;
sfree(workspace); sfree(workspace);
return ret; return ret;
} }
@ -1757,6 +1738,7 @@ char *bignum_decimal(Bignum x)
/* /*
* Done. * Done.
*/ */
smemclr(workspace, x[0] * sizeof(*workspace));
sfree(workspace); sfree(workspace);
return ret; return ret;
} }