Code Review / vpp.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: d69233f)
crypto: make it easier to diagnose keys use-after-free 71/37871/3
authorBenoît Ganne <bganne@cisco.com>
Thu, 5 Jan 2023 09:56:26 +0000 (10:56 +0100)
committerDamjan Marion <dmarion@0xa5.net>
Mon, 6 Mar 2023 14:26:26 +0000 (14:26 +0000)
Type: improvement

Change-Id: Ib98eba146e24e659acf3b9a228b81fcd641f4c67
Signed-off-by: Benoît Ganne <bganne@cisco.com>
src/vnet/crypto/crypto.c patch | blob | history

diff --git a/src/vnet/crypto/crypto.c b/src/vnet/crypto/crypto.c
index f8926c9..156dab4 100644 (file)
--- a/src/vnet/crypto/crypto.c
+++ b/src/vnet/crypto/crypto.c
@@ -469,12 +469,12 @@ vnet_crypto_key_del (vlib_main_t * vm, vnet_crypto_key_index_t index)
 
   if (key->type == VNET_CRYPTO_KEY_TYPE_DATA)
     {
-      clib_memset (key->data, 0, vec_len (key->data));
+      clib_memset (key->data, 0xfe, vec_len (key->data));
       vec_free (key->data);
     }
   else if (key->type == VNET_CRYPTO_KEY_TYPE_LINK)
     {
-      key->index_crypto = key->index_integ = 0;
+      key->index_crypto = key->index_integ = ~0;
     }
 
   pool_put (cm->keys, key);
Vector Packet Processing