diff options
author | Christophe Jaillet <jailletc36@apache.org> | 2018-05-28 19:45:56 +0000 |
---|---|---|
committer | Christophe Jaillet <jailletc36@apache.org> | 2018-05-28 19:45:56 +0000 |
commit | 8e030814013323e9ae3ef2087769ef6cf66fda6a (patch) | |
tree | 714ee5f5e0c149fe09c852a8680fe484e86702c3 /crypto | |
parent | 96192893c37c4204bc8720264495223da9875035 (diff) | |
download | apr-8e030814013323e9ae3ef2087769ef6cf66fda6a.tar.gz |
Better stack memseting of sensitive information.
Why is 'apr_crypto_memzero()' only available if APU_HAVE_CRYPTO=1?
See PR 55738
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1832415 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/apr_md4.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/crypto/apr_md4.c b/crypto/apr_md4.c index d983cbae5..22a0926e7 100644 --- a/crypto/apr_md4.c +++ b/crypto/apr_md4.c @@ -41,6 +41,7 @@ #include "apr_strings.h" #include "apr_md4.h" #include "apr_lib.h" +#include "apr_crypto.h" /* for apr_crypto_memzero, if available */ #if APR_HAVE_STRING_H #include <string.h> @@ -359,7 +360,11 @@ static void MD4Transform(apr_uint32_t state[4], const unsigned char block[64]) state[3] += d; /* Zeroize sensitive information. */ +#if APU_HAVE_CRYPTO + apr_crypto_memzero(x, sizeof(x)); +#else memset(x, 0, sizeof(x)); +#endif } /* Encodes input (apr_uint32_t) into output (unsigned char). Assumes len is |