Page MenuHomeFreeBSD
Files F147691341

D25438.id73610.diff
No OneTemporary
Actions

D25438.id73610.diff
View Options

Index: sys/dev/glxsb/glxsb_hash.c
===================================================================
--- sys/dev/glxsb/glxsb_hash.c
+++ sys/dev/glxsb/glxsb_hash.c
@@ -65,7 +65,7 @@
static int
glxsb_authcompute(struct glxsb_session *ses, struct cryptop *crp)
{
- u_char hash[HASH_MAX_LEN], hash2[HASH_MAX_LEN];
+ u_char hash[HASH_MAX_LEN];
struct auth_hash *axf;
union authctx ctx;
int error;
@@ -86,17 +86,22 @@
bcopy(ses->ses_octx, &ctx, axf->ctxsize);
axf->Update(&ctx, hash, axf->hashsize);
axf->Final(hash, &ctx);
+ explicit_bzero(&ctx, sizeof(ctx));
/* Verify or inject the authentication data */
if (crp->crp_op & CRYPTO_OP_VERIFY_DIGEST) {
+ u_char hash2[HASH_MAX_LEN];
+
crypto_copydata(crp, crp->crp_digest_start, ses->ses_mlen,
hash2);
if (timingsafe_bcmp(hash, hash2, ses->ses_mlen) != 0)
- return (EBADMSG);
+ error = EBADMSG;
+ explicit_bzero(hash2, sizeof(hash2));
} else
crypto_copyback(crp, crp->crp_digest_start, ses->ses_mlen,
hash);
- return (0);
+ explicit_bzero(hash, sizeof(hash));
+ return (error);
}
int

File Metadata

Mime Type
text/plain
Expires
Fri, Mar 13, 10:58 PM (6 h, 41 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
29640529
Default Alt Text
D25438.id73610.diff (1 KB)

Event Timeline