diff options
author | rjung <rjung@13f79535-47bb-0310-9956-ffa450edef68> | 2018-08-25 13:34:08 +0000 |
---|---|---|
committer | rjung <rjung@13f79535-47bb-0310-9956-ffa450edef68> | 2018-08-25 13:34:08 +0000 |
commit | d9c42a88e1c89a992d2dba14bab2f8d2edc33758 (patch) | |
tree | 4c46b2ab1941094c824035bcbde69fe3ceeeffbb | |
parent | c3dd9e199c1403b5457673dfd14693dd937a0277 (diff) | |
download | libapr-util-d9c42a88e1c89a992d2dba14bab2f8d2edc33758.tar.gz |
Better stack memseting of sensitive information.
Why is 'apr_crypto_memzero()' only available if APU_HAVE_CRYPTO=1?
See PR 55738
Backport of r1832415 from trunk.
git-svn-id: http://svn.apache.org/repos/asf/apr/apr-util/branches/1.6.x@1839049 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r-- | crypto/apr_md4.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/crypto/apr_md4.c b/crypto/apr_md4.c index ada51400..9d58193f 100644 --- a/crypto/apr_md4.c +++ b/crypto/apr_md4.c @@ -41,6 +41,7 @@ #include "apr_strings.h" #include "apr_md4.h" #include "apr_lib.h" +#include "apr_crypto.h" /* for apr_crypto_memzero, if available */ #if APR_HAVE_STRING_H #include <string.h> @@ -359,7 +360,11 @@ static void MD4Transform(apr_uint32_t state[4], const unsigned char block[64]) state[3] += d; /* Zeroize sensitive information. */ +#if APU_HAVE_CRYPTO + apr_crypto_memzero(x, sizeof(x)); +#else memset(x, 0, sizeof(x)); +#endif } /* Encodes input (apr_uint32_t) into output (unsigned char). Assumes len is |