Clean up keys on stack in rend_client_send_introduction()

2024-11-11 05:33:47 +01:00 · 2012-06-15 21:25:25 -07:00 · 2012-06-15 21:25:25 -07:00 · a8bcbe7bf7
commit a8bcbe7bf7
parent ab2e007ffb
1 changed files with 20 additions and 5 deletions
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@ -132,6 +132,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
  crypt_path_t *cpath;
  off_t dh_offset;
  crypto_pk_t *intro_key = NULL;
+  int status = 0;

  tor_assert(introcirc->_base.purpose == CIRCUIT_PURPOSE_C_INTRODUCING);
  tor_assert(rendcirc->_base.purpose == CIRCUIT_PURPOSE_C_REND_READY);
@ -161,7 +162,8 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
      }
    }

-    return -1;
+    status = -1;
+    goto cleanup;
  }

  /* first 20 bytes of payload are the hash of Bob's pk */
@ -184,13 +186,16 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
             smartlist_len(entry->parsed->intro_nodes));

    if (rend_client_reextend_intro_circuit(introcirc)) {
+      status = -2;
      goto perm_err;
    } else {
-      return -1;
+      status = -1;
+      goto cleanup;
    }
  }
  if (crypto_pk_get_digest(intro_key, payload)<0) {
    log_warn(LD_BUG, "Internal error: couldn't hash public key.");
+    status = -2;
    goto perm_err;
  }

@ -202,10 +207,12 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
    cpath->magic = CRYPT_PATH_MAGIC;
    if (!(cpath->dh_handshake_state = crypto_dh_new(DH_TYPE_REND))) {
      log_warn(LD_BUG, "Internal error: couldn't allocate DH.");
+      status = -2;
      goto perm_err;
    }
    if (crypto_dh_generate_public(cpath->dh_handshake_state)<0) {
      log_warn(LD_BUG, "Internal error: couldn't generate g^x.");
+      status = -2;
      goto perm_err;
    }
  }
@ -256,6 +263,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
  if (crypto_dh_get_public(cpath->dh_handshake_state, tmp+dh_offset,
                           DH_KEY_LEN)<0) {
    log_warn(LD_BUG, "Internal error: couldn't extract g^x.");
+    status = -2;
    goto perm_err;
  }

@ -269,6 +277,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
                                      PK_PKCS1_OAEP_PADDING, 0);
  if (r<0) {
    log_warn(LD_BUG,"Internal error: hybrid pk encrypt failed.");
+    status = -2;
    goto perm_err;
  }

@ -288,7 +297,8 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
                                   introcirc->cpath->prev)<0) {
    /* introcirc is already marked for close. leave rendcirc alone. */
    log_warn(LD_BUG, "Couldn't send INTRODUCE1 cell");
-    return -2;
+    status = -2;
+    goto cleanup;
  }

  /* Now, we wait for an ACK or NAK on this circuit. */
@ -299,12 +309,17 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
   * state. */
  introcirc->_base.timestamp_dirty = time(NULL);

-  return 0;
+  goto cleanup;
+
 perm_err:
  if (!introcirc->_base.marked_for_close)
    circuit_mark_for_close(TO_CIRCUIT(introcirc), END_CIRC_REASON_INTERNAL);
  circuit_mark_for_close(TO_CIRCUIT(rendcirc), END_CIRC_REASON_INTERNAL);
-  return -2;
+ cleanup:
+  memset(payload, 0, sizeof(payload));
+  memset(tmp, 0, sizeof(tmp));
+
+  return status;
 }

 /** Called when a rendezvous circuit is open; sends a establish