Clear a couple more fields in rend_service_load_auth_keys

src/common/util.c

@@ -655,6 +655,16 @@ fast_memcmpstart(const void *mem, size_t memlen,
   return fast_memcmp(mem, prefix, plen);
 }
 
+/** Given a nul-terminated string s, set every character before the nul
+ * to zero. */
+void
+tor_strclear(char *s)
+{
+  while (*s) {
+    *s++ = '\0';
+  }
+}
+
 /** Return a pointer to the first char of s that is not whitespace and
  * not a comment, or to the terminating NUL if no such character exists.
  */

src/common/util.h

@@ -188,6 +188,7 @@ int strcasecmpstart(const char *s1, const char *s2) ATTR_NONNULL((1,2));
 int strcmpend(const char *s1, const char *s2) ATTR_NONNULL((1,2));
 int strcasecmpend(const char *s1, const char *s2) ATTR_NONNULL((1,2));
 int fast_memcmpstart(const void *mem, size_t memlen, const char *prefix);
+void tor_strclear(char *s);
 
 void tor_strstrip(char *s, const char *strip) ATTR_NONNULL((1,2));
 long tor_parse_long(const char *s, int base, long min,

src/or/rendservice.c

@@ -139,7 +139,9 @@ rend_authorized_client_free(rend_authorized_client_t *client)
     return;
   if (client->client_key)
     crypto_pk_free(client->client_key);
+  tor_strclear(client->client_name);
   tor_free(client->client_name);
+  memset(client->descriptor_cookie, 0, sizeof(client->descriptor_cookie));
   tor_free(client);
 }
 
@@ -868,7 +870,7 @@ rend_service_load_auth_keys(rend_service_t *s, const char *hfname)
   if (open_hfile)
     abort_writing_to_file(open_hfile);
  done:
-  /* XXXX zero these two as well */
+  tor_strclear(client_keys_str);
   tor_free(client_keys_str);
   strmap_free(parsed_clients, rend_authorized_client_strmap_item_free);