httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Reindl Harald <h.rei...@thelounge.net>
Subject Re: half-OT: heartbleed CVE-2014-0160
Date Wed, 09 Apr 2014 13:28:04 GMT

Am 09.04.2014 14:19, schrieb Graham Leggett:
> On 09 Apr 2014, at 2:14 PM, Roman Drahtmueller <draht@suse.de> wrote:
> 
>> There have been some zero-before-free changes in mozilla-nss recently.
>> It may be time to have object reuse issues in mind for both core and at 
>> least the auth* modules.
> 
> The following function was added to apr-util to do that:
> 
> /**
>  * @brief Register a cleanup to zero out the buffer provided
>  * when the pool is cleaned up.
>  *
>  * @param pool - pool to register the cleanup
>  * @param buffer - buffer to zero out
>  * @param size - size of the buffer to zero out
>  */
> APU_DECLARE(apr_status_t) apr_crypto_clear(apr_pool_t *pool, void *buffer,
>         apr_size_t size);

sounds good - thank you!




Mime
View raw message