bug7352 687 B

123456789101112
  1. o Major bugfixes:
  2. - Tor tries to wipe potentially sensitive data after using it, so
  3. that if some subsequent security failure exposes Tor's memory,
  4. the damage will be limited. But we had a bug where the compiler
  5. was eliminating these wipe operations when it decided that the
  6. memory was no longer visible to a (correctly running) program,
  7. hence defeating our attempt at defense in depth. We fix that
  8. by using OpenSSL's OPENSSL_cleanse() operation, which a compiler
  9. is unlikely to optimize away. Future versions of Tor may use
  10. a less ridiculously heavy approach for this. Fixes bug 7352.
  11. Reported in an article by Andrey Karpov.