aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSimon Tatham <anakin@pobox.com>2015-03-01 12:55:31 +0000
committerMike DePaulo <mikedep333@gmail.com>2015-03-28 13:05:21 -0400
commit4c69c41137a60a7c5c04e77079837f7e9b311947 (patch)
tree5af89b6f0eb036f29a130444fd88118aa19d7f4b
parent3a6883956ed8995669bf67b5d6bd60a70d2e9aa8 (diff)
downloadvcxsrv-4c69c41137a60a7c5c04e77079837f7e9b311947.tar.gz
vcxsrv-4c69c41137a60a7c5c04e77079837f7e9b311947.tar.bz2
vcxsrv-4c69c41137a60a7c5c04e77079837f7e9b311947.zip
Add some missing smemclrs and sfrees.
The absence of these could have prevented sensitive private key information from being properly cleared out of memory that PuTTY tools had finished with. Thanks to Patrick Coleman for spotting this and sending a patch. Origin: upstream, http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=65f69bca7363ceceeac515ae2a82b8f8adc6404d Bug: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html Bug-Debian: http://bugs.debian.org/779488 Patch-Name: private-key-not-wiped-2.patch
-rw-r--r--tools/plink/sshpubk.c18
1 files changed, 14 insertions, 4 deletions
diff --git a/tools/plink/sshpubk.c b/tools/plink/sshpubk.c
index ac9e0fa7e..2b5213ba5 100644
--- a/tools/plink/sshpubk.c
+++ b/tools/plink/sshpubk.c
@@ -844,6 +844,7 @@ struct ssh2_userkey *ssh2_load_userkey(const Filename *filename,
goto error;
}
sfree(public_blob);
+ smemclr(private_blob, private_blob_len);
sfree(private_blob);
sfree(encryption);
if (errorstr)
@@ -864,8 +865,10 @@ struct ssh2_userkey *ssh2_load_userkey(const Filename *filename,
sfree(mac);
if (public_blob)
sfree(public_blob);
- if (private_blob)
- sfree(private_blob);
+ if (private_blob) {
+ smemclr(private_blob, private_blob_len);
+ sfree(private_blob);
+ }
if (errorstr)
*errorstr = error;
return ret;
@@ -1154,8 +1157,14 @@ int ssh2_save_userkey(const Filename *filename, struct ssh2_userkey *key,
}
fp = f_open(filename, "w", TRUE);
- if (!fp)
- return 0;
+ if (!fp) {
+ sfree(pub_blob);
+ smemclr(priv_blob, priv_blob_len);
+ sfree(priv_blob);
+ smemclr(priv_blob_encrypted, priv_blob_len);
+ sfree(priv_blob_encrypted);
+ return 0;
+ }
fprintf(fp, "PuTTY-User-Key-File-2: %s\n", key->alg->name);
fprintf(fp, "Encryption: %s\n", cipherstr);
fprintf(fp, "Comment: %s\n", key->comment);
@@ -1172,6 +1181,7 @@ int ssh2_save_userkey(const Filename *filename, struct ssh2_userkey *key,
sfree(pub_blob);
smemclr(priv_blob, priv_blob_len);
sfree(priv_blob);
+ smemclr(priv_blob_encrypted, priv_blob_len);
sfree(priv_blob_encrypted);
return 1;
}