aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--g10/ChangeLog7
-rw-r--r--g10/build-packet.c2
-rw-r--r--g10/encode.c6
-rw-r--r--g10/sign.c2
4 files changed, 12 insertions, 5 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog
index 1747227b4..c1d565d02 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,10 @@
+2002-10-31 David Shaw <[email protected]>
+
+ * build-packet.c (do_plaintext), encode.c (encode_sesskey,
+ encode_simple, encode_crypt), sign.c (write_plaintext_packet): Use
+ wipememory() instead of memset() to wipe sensitive memory as the
+ memset() might be optimized away.
+
2002-10-30 David Shaw <[email protected]>
* trustdb.c (check_regexp): Modern regexps require REG_EXTENDED.
diff --git a/g10/build-packet.c b/g10/build-packet.c
index da1cbbe39..936cc90d6 100644
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -555,7 +555,7 @@ do_plaintext( IOBUF out, int ctb, PKT_plaintext *pt )
}
n += nbytes;
}
- memset(buf,0,1000); /* at least burn the buffer */
+ wipememory(buf,1000); /* burn the buffer */
if( !pt->len )
iobuf_set_block_mode(out, 0 ); /* write end marker */
else if( n != pt->len )
diff --git a/g10/encode.c b/g10/encode.c
index 7991ef64a..6727c08ed 100644
--- a/g10/encode.c
+++ b/g10/encode.c
@@ -98,7 +98,7 @@ encode_sesskey( DEK *dek, DEK **ret_dek, byte *enckey )
cipher_close( hd );
memcpy( enckey, buf, c->keylen + 1 );
- memset( buf, 0, sizeof buf ); /* burn key */
+ wipememory( buf, sizeof buf ); /* burn key */
*ret_dek = c;
}
@@ -350,7 +350,7 @@ encode_simple( const char *filename, int mode, int compat )
log_error("copying input to output failed: %s\n", g10_errstr(rc) );
break;
}
- memset(copy_buffer, 0, 4096); /* burn buffer */
+ wipememory(copy_buffer, 4096); /* burn buffer */
}
/* finish the stuff */
@@ -589,7 +589,7 @@ encode_crypt( const char *filename, STRLIST remusr )
g10_errstr(rc) );
break;
}
- memset(copy_buffer, 0, 4096); /* burn buffer */
+ wipememory(copy_buffer, 4096); /* burn buffer */
}
/* finish the stuff */
diff --git a/g10/sign.c b/g10/sign.c
index b5314cccf..2c85f232a 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -506,7 +506,7 @@ write_plaintext_packet (IOBUF out, IOBUF inp, const char *fname, int ptmode)
g10_errstr(rc));
break;
}
- memset(copy_buffer, 0, 4096); /* burn buffer */
+ wipememory(copy_buffer,4096); /* burn buffer */
}
/* fixme: it seems that we never freed pt/pkt */
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-30 06:06:45 +0000