mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
* build-packet.c (do_plaintext), encode.c (encode_sesskey, encode_simple,
encode_crypt), sign.c (write_plaintext_packet): Use wipememory() instead of memset() to wipe sensitive memory as the memset() might be optimized away.
This commit is contained in:
parent
d284a4d200
commit
20c99d180a
@ -1,3 +1,10 @@
|
||||
2002-10-31 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* build-packet.c (do_plaintext), encode.c (encode_sesskey,
|
||||
encode_simple, encode_crypt), sign.c (write_plaintext_packet): Use
|
||||
wipememory() instead of memset() to wipe sensitive memory as the
|
||||
memset() might be optimized away.
|
||||
|
||||
2002-10-30 David Shaw <dshaw@jabberwocky.com>
|
||||
|
||||
* trustdb.c (check_regexp): Modern regexps require REG_EXTENDED.
|
||||
|
@ -555,7 +555,7 @@ do_plaintext( IOBUF out, int ctb, PKT_plaintext *pt )
|
||||
}
|
||||
n += nbytes;
|
||||
}
|
||||
memset(buf,0,1000); /* at least burn the buffer */
|
||||
wipememory(buf,1000); /* burn the buffer */
|
||||
if( !pt->len )
|
||||
iobuf_set_block_mode(out, 0 ); /* write end marker */
|
||||
else if( n != pt->len )
|
||||
|
@ -98,7 +98,7 @@ encode_sesskey( DEK *dek, DEK **ret_dek, byte *enckey )
|
||||
cipher_close( hd );
|
||||
|
||||
memcpy( enckey, buf, c->keylen + 1 );
|
||||
memset( buf, 0, sizeof buf ); /* burn key */
|
||||
wipememory( buf, sizeof buf ); /* burn key */
|
||||
*ret_dek = c;
|
||||
}
|
||||
|
||||
@ -350,7 +350,7 @@ encode_simple( const char *filename, int mode, int compat )
|
||||
log_error("copying input to output failed: %s\n", g10_errstr(rc) );
|
||||
break;
|
||||
}
|
||||
memset(copy_buffer, 0, 4096); /* burn buffer */
|
||||
wipememory(copy_buffer, 4096); /* burn buffer */
|
||||
}
|
||||
|
||||
/* finish the stuff */
|
||||
@ -589,7 +589,7 @@ encode_crypt( const char *filename, STRLIST remusr )
|
||||
g10_errstr(rc) );
|
||||
break;
|
||||
}
|
||||
memset(copy_buffer, 0, 4096); /* burn buffer */
|
||||
wipememory(copy_buffer, 4096); /* burn buffer */
|
||||
}
|
||||
|
||||
/* finish the stuff */
|
||||
|
@ -506,7 +506,7 @@ write_plaintext_packet (IOBUF out, IOBUF inp, const char *fname, int ptmode)
|
||||
g10_errstr(rc));
|
||||
break;
|
||||
}
|
||||
memset(copy_buffer, 0, 4096); /* burn buffer */
|
||||
wipememory(copy_buffer,4096); /* burn buffer */
|
||||
}
|
||||
/* fixme: it seems that we never freed pt/pkt */
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user