nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-07-04 04:52:47 -05:00
Code Issues Projects Releases Wiki Activity

Introduce a new utility function smemclr(), which memsets things to

Browse Source 
zero but does it in such a way that over-clever compilers hopefully
won't helpfully optimise the call away if you do it just before
freeing something or letting it go out of scope. Use this for
(hopefully) every memset whose job is to destroy sensitive data that
might otherwise be left lying around in the process's memory.

[originally from svn r9586]
This commit is contained in:
Simon Tatham
2012-07-22 19:51:50 +00:00
parent acf8a5385d
commit aa5bae8916
21 changed files with 140 additions and 89 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
windows/winpgnt.c
View File

@ -174,7 +174,7 @@ static void forget_passphrases(void)
{
while (count234(passphrases) > 0) {
char *pp = index234(passphrases, 0);
memset(pp, 0, strlen(pp));
smemclr(pp, strlen(pp));
delpos234(passphrases, 0);
free(pp);
}
@ -968,7 +968,7 @@ static void answer_msg(void *msg)
MD5Init(&md5c);
MD5Update(&md5c, response_source, 48);
MD5Final(response_md5, &md5c);
memset(response_source, 0, 48); /* burn the evidence */
smemclr(response_source, 48); /* burn the evidence */
freebn(response); /* and that evidence */
freebn(challenge); /* yes, and that evidence */
freebn(reqkey.exponent); /* and free some memory ... */