Noticed this investigating Fortuna. Remove useless duplicate stack copies
of sensitive contents when possible, or if not possible, be sure to zero
them out when we're finished.
Details
Details
- Reviewers
delphij jmg - Group Reviewers
secteam - Commits
- rS339787: rijndael (AES): Avoid leaking sensitive data on kernel stack
Diff Detail
Diff Detail
- Repository
- rS FreeBSD src repository - subversion
- Lint
Lint Not Applicable - Unit
Tests Not Applicable
Event Timeline
Comment Actions
Mostly LGTM.
sys/crypto/rijndael/rijndael-api-fst.c | ||
---|---|---|
448 ↗ | (On Diff #47424) | Could you please change this to use some better name, e.g. something like 'cleanup' instead? |
sys/crypto/rijndael/rijndael-api-fst.c | ||
---|---|---|
448 ↗ | (On Diff #47424) | I think 'out' is well understood: $ cd sys $ ag 'goto out;' | wc -l 5333 $ ag 'goto cleanup;' | wc -l 222 I can change it if you still prefer it, but I don't think "cleanup" is any better (or worse). |