[tor-bugs] #7352 [Tor]: make defense-in-depth memsets work in spite of compilers

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Nov 7 21:54:38 UTC 2012


#7352: make defense-in-depth memsets work in spite of compilers
--------------------------+-------------------------------------------------
 Reporter:  nickm_mobile  |          Owner:                    
     Type:  defect        |         Status:  needs_review      
 Priority:  major         |      Milestone:  Tor: 0.2.4.x-final
Component:  Tor           |        Version:                    
 Keywords:  tor-relay     |         Parent:                    
   Points:                |   Actualpoints:                    
--------------------------+-------------------------------------------------

Comment(by nickm):

 To be specific, when this lands in 0.2.4 we should start looking for
 faster alternatives to OPENSSL_cleanse().  This are likely to be less
 portable.  We should also grep for all the new memset() instances in
 0.2.4.

 I used memwipe() here not only on stack-allocated stuff that was about to
 go out-of-scope, but also on heap-allocated stuff that we were about to
 get freed, since I bet that somebody out there optimizes those out too, or
 will eventually.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7352#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list