Package: putty / 0.62-9+deb7u3

private-key-not-wiped-2.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Description: Add some missing memsets and sfrees
 The absence of these could have prevented sensitive private key
 information from being properly cleared out of memory that PuTTY tools
 had finished with.
 . 
 Thanks to Patrick Coleman for spotting this and sending a patch.
Origin: backport, http://tartarus.org/~simon-git/gitweb/?p=putty.git;a=commitdiff;h=65f69bca7363ceceeac515ae2a82b8f8adc6404d
Bug: http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/private-key-not-wiped-2.html
Bug-Debian: http://bugs.debian.org/779488

Index: b/sshpubk.c
===================================================================
--- a/sshpubk.c
+++ b/sshpubk.c
@@ -839,6 +839,7 @@
 	goto error;
     }
     sfree(public_blob);
+    memset(private_blob, 0, private_blob_len);
     sfree(private_blob);
     sfree(encryption);
     if (errorstr)
@@ -859,8 +860,10 @@
 	sfree(mac);
     if (public_blob)
 	sfree(public_blob);
-    if (private_blob)
-	sfree(private_blob);
+    if (private_blob) {
+        memset(private_blob, 0, private_blob_len);
+        sfree(private_blob);
+    }
     if (errorstr)
 	*errorstr = error;
     return ret;
@@ -1144,8 +1147,14 @@
     }
 
     fp = f_open(*filename, "w", TRUE);
-    if (!fp)
-	return 0;
+    if (!fp) {
+        sfree(pub_blob);
+        memset(priv_blob, 0, priv_blob_len);
+        sfree(priv_blob);
+        memset(priv_blob_encrypted, 0, priv_blob_len);
+        sfree(priv_blob_encrypted);
+        return 0;
+    }
     fprintf(fp, "PuTTY-User-Key-File-2: %s\n", key->alg->name);
     fprintf(fp, "Encryption: %s\n", cipherstr);
     fprintf(fp, "Comment: %s\n", key->comment);
@@ -1162,6 +1171,7 @@
     sfree(pub_blob);
     memset(priv_blob, 0, priv_blob_len);
     sfree(priv_blob);
+    memset(priv_blob_encrypted, 0, priv_blob_len);
     sfree(priv_blob_encrypted);
     return 1;
 }