diff options
author | Gregory Maxwell <greg@xiph.org> | 2012-11-10 09:29:32 -0800 |
---|---|---|
committer | Gregory Maxwell <greg@xiph.org> | 2012-11-10 09:29:32 -0800 |
commit | 91cee34638ae4d5cacb5fadf0adf16428ecf1332 (patch) | |
tree | 8d745e6bfd1dd7db18b836e8a88e3b6e1a2d703c | |
parent | e88f8887b6a68d8e2cf698122a97426a12dceee0 (diff) | |
parent | d0b0925be9f94068deb98940103a7b8a8c56f027 (diff) |
Merge pull request #1992 from Diapolo/no_memset
don't use memset() in privacy/security relevant code parts
-rw-r--r-- | src/allocators.h | 5 | ||||
-rw-r--r-- | src/base58.h | 16 | ||||
-rw-r--r-- | src/crypter.cpp | 4 | ||||
-rw-r--r-- | src/crypter.h | 4 | ||||
-rw-r--r-- | src/netbase.cpp | 2 | ||||
-rw-r--r-- | src/util.cpp | 2 |
6 files changed, 15 insertions, 18 deletions
diff --git a/src/allocators.h b/src/allocators.h index 99afa10c25..eb2aed6721 100644 --- a/src/allocators.h +++ b/src/allocators.h @@ -9,6 +9,7 @@ #include <string> #include <boost/thread/mutex.hpp> #include <map> +#include <openssl/crypto.h> // for OPENSSL_cleanse() #ifdef WIN32 #ifdef _WIN32_WINNT @@ -212,7 +213,7 @@ struct secure_allocator : public std::allocator<T> { if (p != NULL) { - memset(p, 0, sizeof(T) * n); + OPENSSL_cleanse(p, sizeof(T) * n); LockedPageManager::instance.UnlockRange(p, sizeof(T) * n); } std::allocator<T>::deallocate(p, n); @@ -246,7 +247,7 @@ struct zero_after_free_allocator : public std::allocator<T> void deallocate(T* p, std::size_t n) { if (p != NULL) - memset(p, 0, sizeof(T) * n); + OPENSSL_cleanse(p, sizeof(T) * n); std::allocator<T>::deallocate(p, n); } }; diff --git a/src/base58.h b/src/base58.h index 9dfea86ff5..be8a541f67 100644 --- a/src/base58.h +++ b/src/base58.h @@ -17,9 +17,11 @@ #include <string> #include <vector> + #include "bignum.h" #include "key.h" #include "script.h" +#include "allocators.h" static const char* pszBase58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"; @@ -178,7 +180,8 @@ protected: unsigned char nVersion; // the actually encoded data - std::vector<unsigned char> vchData; + typedef std::vector<unsigned char, zero_after_free_allocator<unsigned char> > vector_uchar; + vector_uchar vchData; CBase58Data() { @@ -186,13 +189,6 @@ protected: vchData.clear(); } - ~CBase58Data() - { - // zero the memory, as it may contain sensitive data - if (!vchData.empty()) - memset(&vchData[0], 0, vchData.size()); - } - void SetData(int nVersionIn, const void* pdata, size_t nSize) { nVersion = nVersionIn; @@ -221,7 +217,7 @@ public: vchData.resize(vchTemp.size() - 1); if (!vchData.empty()) memcpy(&vchData[0], &vchTemp[1], vchData.size()); - memset(&vchTemp[0], 0, vchTemp.size()); + OPENSSL_cleanse(&vchTemp[0], vchData.size()); return true; } @@ -457,4 +453,4 @@ public: } }; -#endif +#endif // BITCOIN_BASE58_H diff --git a/src/crypter.cpp b/src/crypter.cpp index 181b8fa00a..a2b62a87c8 100644 --- a/src/crypter.cpp +++ b/src/crypter.cpp @@ -24,8 +24,8 @@ bool CCrypter::SetKeyFromPassphrase(const SecureString& strKeyData, const std::v if (i != (int)WALLET_CRYPTO_KEY_SIZE) { - memset(&chKey, 0, sizeof chKey); - memset(&chIV, 0, sizeof chIV); + OPENSSL_cleanse(chKey, sizeof(chKey)); + OPENSSL_cleanse(chIV, sizeof(chIV)); return false; } diff --git a/src/crypter.h b/src/crypter.h index 04538a3fa5..6f75170bac 100644 --- a/src/crypter.h +++ b/src/crypter.h @@ -76,8 +76,8 @@ public: void CleanKey() { - memset(&chKey, 0, sizeof chKey); - memset(&chIV, 0, sizeof chIV); + OPENSSL_cleanse(chKey, sizeof(chKey)); + OPENSSL_cleanse(chIV, sizeof(chIV)); fKeySet = false; } diff --git a/src/netbase.cpp b/src/netbase.cpp index 7b28e7f1bc..9e7307204a 100644 --- a/src/netbase.cpp +++ b/src/netbase.cpp @@ -545,7 +545,7 @@ bool ConnectSocketByName(CService &addr, SOCKET& hSocketRet, const char *pszDest void CNetAddr::Init() { - memset(ip, 0, 16); + memset(ip, 0, sizeof(ip)); } void CNetAddr::SetIP(const CNetAddr& ipIn) diff --git a/src/util.cpp b/src/util.cpp index 9162886450..03014a5da0 100644 --- a/src/util.cpp +++ b/src/util.cpp @@ -156,7 +156,7 @@ void RandAddSeedPerfmon() if (ret == ERROR_SUCCESS) { RAND_add(pdata, nSize, nSize/100.0); - memset(pdata, 0, nSize); + OPENSSL_cleanse(pdata, nSize); printf("RandAddSeed() %lu bytes\n", nSize); } #endif |