Hi,
any plan/interrest in having apr_crypto_memzero() available even if
APU_HAVE_CRYPTO is not defined?
There are a few places in httpd and in APR that should use this safer
memset'ing.
CJ
Le 28/05/2018 à 21:45, jaillet...@apache.org a écrit :
Author: jailletc36
Date: Mon May 28 19:45:56 2018
New Revision: 1832415
URL: http://svn.apache.org/viewvc?rev=1832415&view=rev
Log:
Better stack memseting of sensitive information.
Why is 'apr_crypto_memzero()' only available if APU_HAVE_CRYPTO=1?
See PR 55738
Modified:
apr/apr/trunk/crypto/apr_md4.c
Modified: apr/apr/trunk/crypto/apr_md4.c
URL:
http://svn.apache.org/viewvc/apr/apr/trunk/crypto/apr_md4.c?rev=1832415&r1=1832414&r2=1832415&view=diff
==============================================================================
--- apr/apr/trunk/crypto/apr_md4.c (original)
+++ apr/apr/trunk/crypto/apr_md4.c Mon May 28 19:45:56 2018
@@ -41,6 +41,7 @@
#include "apr_strings.h"
#include "apr_md4.h"
#include "apr_lib.h"
+#include "apr_crypto.h" /* for apr_crypto_memzero, if available */
#if APR_HAVE_STRING_H
#include <string.h>
@@ -359,7 +360,11 @@ static void MD4Transform(apr_uint32_t st
state[3] += d;
/* Zeroize sensitive information. */
+#if APU_HAVE_CRYPTO
+ apr_crypto_memzero(x, sizeof(x));
+#else
memset(x, 0, sizeof(x));
+#endif
}
/* Encodes input (apr_uint32_t) into output (unsigned char). Assumes len is
