From: Benoît Ganne <bganne@cisco.com>
Date: Thu, 5 Jan 2023 09:56:26 +0000 (+0100)
Subject: crypto: make it easier to diagnose keys use-after-free
X-Git-Tag: v23.10-rc0~189
X-Git-Url: https://gerrit.fd.io/r/gitweb?a=commitdiff_plain;h=1ee334c6f86b3e814aca1443ec7dfccdfc34ab26;p=vpp.git

crypto: make it easier to diagnose keys use-after-free

Type: improvement

Change-Id: Ib98eba146e24e659acf3b9a228b81fcd641f4c67
Signed-off-by: Benoît Ganne <bganne@cisco.com>
---

diff --git a/src/vnet/crypto/crypto.c b/src/vnet/crypto/crypto.c
index f8926c9734a..156dab46517 100644
--- a/src/vnet/crypto/crypto.c
+++ b/src/vnet/crypto/crypto.c
@@ -469,12 +469,12 @@ vnet_crypto_key_del (vlib_main_t * vm, vnet_crypto_key_index_t index)
 
   if (key->type == VNET_CRYPTO_KEY_TYPE_DATA)
     {
-      clib_memset (key->data, 0, vec_len (key->data));
+      clib_memset (key->data, 0xfe, vec_len (key->data));
       vec_free (key->data);
     }
   else if (key->type == VNET_CRYPTO_KEY_TYPE_LINK)
     {
-      key->index_crypto = key->index_integ = 0;
+      key->index_crypto = key->index_integ = ~0;
     }
 
   pool_put (cm->keys, key);