[PATCH] Usage of ngx_explicit_memzero() in internal md5 and sha1
Maxim Dounin
mdounin at mdounin.ru
Mon Aug 26 04:04:54 UTC 2024
# HG changeset patch
# User Maxim Dounin <mdounin at mdounin.ru>
# Date 1724645076 -10800
# Mon Aug 26 07:04:36 2024 +0300
# Node ID ba7ab7de66704ef8d13e7841a50e0e9f945fed5f
# Parent d97a6d0b1a421a601c756738e68cc607de530755
Usage of ngx_explicit_memzero() in internal md5 and sha1.
The goal of the context cleanup in ngx_md5_final() and ngx_sha1_final()
is to clear potentially sensitive data, so ngx_explicit_memzero() is
appropriate.
diff --git a/src/core/ngx_md5.c b/src/core/ngx_md5.c
--- a/src/core/ngx_md5.c
+++ b/src/core/ngx_md5.c
@@ -107,7 +107,7 @@ ngx_md5_final(u_char result[16], ngx_md5
result[14] = (u_char) (ctx->d >> 16);
result[15] = (u_char) (ctx->d >> 24);
- ngx_memzero(ctx, sizeof(*ctx));
+ ngx_explicit_memzero(ctx, sizeof(*ctx));
}
diff --git a/src/core/ngx_sha1.c b/src/core/ngx_sha1.c
--- a/src/core/ngx_sha1.c
+++ b/src/core/ngx_sha1.c
@@ -113,7 +113,7 @@ ngx_sha1_final(u_char result[20], ngx_sh
result[18] = (u_char) (ctx->e >> 8);
result[19] = (u_char) ctx->e;
- ngx_memzero(ctx, sizeof(*ctx));
+ ngx_explicit_memzero(ctx, sizeof(*ctx));
}
More information about the nginx-devel
mailing list