highperfocused/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2026-02-09 08:43:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

don't use memset() in privacy/security relevant code parts

Browse Source 
As memset() can be optimized out by a compiler it should not be used in
privacy/security relevant code parts. OpenSSL provides the safe
OPENSSL_cleanse() function in crypto.h, which perfectly does the job of
clean and overwrite data.

For details see: http://www.viva64.com/en/b/0178/

- change memset() to OPENSSL_cleanse() where appropriate
- change a hard-coded number from netbase.cpp into a sizeof()
This commit is contained in:
Philip Kaufmann
2012-11-08 19:38:49 +01:00
committed by Luke Dashjr
parent 71f7ccf1ec
commit ff31f1fa10
6 changed files with 14 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/netbase.cpp
View File

@@ -297,7 +297,7 @@ bool ConnectSocket(const CService &addrDest, SOCKET& hSocketRet, int nTimeout)
void CNetAddr::Init()
{
memset(ip, 0, 16);
memset(ip, 0, sizeof(ip));
}
void CNetAddr::SetIP(const CNetAddr& ipIn)