]> www.infradead.org Git - users/dwmw2/openconnect.git/commit
projects / users / dwmw2 / openconnect.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: 853ebe2) | patch
Clear full buffer in buf_truncate() and buf_free()
authorDavid Woodhouse <dwmw2@infradead.org>
Fri, 21 Dec 2018 12:12:46 +0000 (12:12 +0000)
committerDavid Woodhouse <dwmw2@infradead.org>
Fri, 21 Dec 2018 12:12:46 +0000 (12:12 +0000)
commitdb4e72d7376ba32797e47d3690da233ed850d837
tree8e1c0ee53bfabca0f46bbcb43a17d8a8bf3ad172tree
parent853ebe20db1f8c44a07dd1d175eb0faea0fa18c7commit | diff
Clear full buffer in buf_truncate() and buf_free()

This reduces the chances of passwords and other secrets lying around in
memory when we're done. Arguably if anyone can just read memory of the
VPN client while it's running, the game is already lost... but still,
this is easy enough to do, and it's been reported as CVE-2018-20319.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>
http.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.