aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGregory Maxwell <greg@xiph.org>2012-11-10 09:29:32 -0800
committerGregory Maxwell <greg@xiph.org>2012-11-10 09:29:32 -0800
commit91cee34638ae4d5cacb5fadf0adf16428ecf1332 (patch)
tree8d745e6bfd1dd7db18b836e8a88e3b6e1a2d703c
parente88f8887b6a68d8e2cf698122a97426a12dceee0 (diff)
parentd0b0925be9f94068deb98940103a7b8a8c56f027 (diff)
Merge pull request #1992 from Diapolo/no_memset
don't use memset() in privacy/security relevant code parts
-rw-r--r--src/allocators.h5
-rw-r--r--src/base58.h16
-rw-r--r--src/crypter.cpp4
-rw-r--r--src/crypter.h4
-rw-r--r--src/netbase.cpp2
-rw-r--r--src/util.cpp2
6 files changed, 15 insertions, 18 deletions
diff --git a/src/allocators.h b/src/allocators.h
index 99afa10c25..eb2aed6721 100644
--- a/src/allocators.h
+++ b/src/allocators.h
@@ -9,6 +9,7 @@
#include <string>
#include <boost/thread/mutex.hpp>
#include <map>
+#include <openssl/crypto.h> // for OPENSSL_cleanse()
#ifdef WIN32
#ifdef _WIN32_WINNT
@@ -212,7 +213,7 @@ struct secure_allocator : public std::allocator<T>
{
if (p != NULL)
{
- memset(p, 0, sizeof(T) * n);
+ OPENSSL_cleanse(p, sizeof(T) * n);
LockedPageManager::instance.UnlockRange(p, sizeof(T) * n);
}
std::allocator<T>::deallocate(p, n);
@@ -246,7 +247,7 @@ struct zero_after_free_allocator : public std::allocator<T>
void deallocate(T* p, std::size_t n)
{
if (p != NULL)
- memset(p, 0, sizeof(T) * n);
+ OPENSSL_cleanse(p, sizeof(T) * n);
std::allocator<T>::deallocate(p, n);
}
};
diff --git a/src/base58.h b/src/base58.h
index 9dfea86ff5..be8a541f67 100644
--- a/src/base58.h
+++ b/src/base58.h
@@ -17,9 +17,11 @@
#include <string>
#include <vector>
+
#include "bignum.h"
#include "key.h"
#include "script.h"
+#include "allocators.h"
static const char* pszBase58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
@@ -178,7 +180,8 @@ protected:
unsigned char nVersion;
// the actually encoded data
- std::vector<unsigned char> vchData;
+ typedef std::vector<unsigned char, zero_after_free_allocator<unsigned char> > vector_uchar;
+ vector_uchar vchData;
CBase58Data()
{
@@ -186,13 +189,6 @@ protected:
vchData.clear();
}
- ~CBase58Data()
- {
- // zero the memory, as it may contain sensitive data
- if (!vchData.empty())
- memset(&vchData[0], 0, vchData.size());
- }
-
void SetData(int nVersionIn, const void* pdata, size_t nSize)
{
nVersion = nVersionIn;
@@ -221,7 +217,7 @@ public:
vchData.resize(vchTemp.size() - 1);
if (!vchData.empty())
memcpy(&vchData[0], &vchTemp[1], vchData.size());
- memset(&vchTemp[0], 0, vchTemp.size());
+ OPENSSL_cleanse(&vchTemp[0], vchData.size());
return true;
}
@@ -457,4 +453,4 @@ public:
}
};
-#endif
+#endif // BITCOIN_BASE58_H
diff --git a/src/crypter.cpp b/src/crypter.cpp
index 181b8fa00a..a2b62a87c8 100644
--- a/src/crypter.cpp
+++ b/src/crypter.cpp
@@ -24,8 +24,8 @@ bool CCrypter::SetKeyFromPassphrase(const SecureString& strKeyData, const std::v
if (i != (int)WALLET_CRYPTO_KEY_SIZE)
{
- memset(&chKey, 0, sizeof chKey);
- memset(&chIV, 0, sizeof chIV);
+ OPENSSL_cleanse(chKey, sizeof(chKey));
+ OPENSSL_cleanse(chIV, sizeof(chIV));
return false;
}
diff --git a/src/crypter.h b/src/crypter.h
index 04538a3fa5..6f75170bac 100644
--- a/src/crypter.h
+++ b/src/crypter.h
@@ -76,8 +76,8 @@ public:
void CleanKey()
{
- memset(&chKey, 0, sizeof chKey);
- memset(&chIV, 0, sizeof chIV);
+ OPENSSL_cleanse(chKey, sizeof(chKey));
+ OPENSSL_cleanse(chIV, sizeof(chIV));
fKeySet = false;
}
diff --git a/src/netbase.cpp b/src/netbase.cpp
index 7b28e7f1bc..9e7307204a 100644
--- a/src/netbase.cpp
+++ b/src/netbase.cpp
@@ -545,7 +545,7 @@ bool ConnectSocketByName(CService &addr, SOCKET& hSocketRet, const char *pszDest
void CNetAddr::Init()
{
- memset(ip, 0, 16);
+ memset(ip, 0, sizeof(ip));
}
void CNetAddr::SetIP(const CNetAddr& ipIn)
diff --git a/src/util.cpp b/src/util.cpp
index 9162886450..03014a5da0 100644
--- a/src/util.cpp
+++ b/src/util.cpp
@@ -156,7 +156,7 @@ void RandAddSeedPerfmon()
if (ret == ERROR_SUCCESS)
{
RAND_add(pdata, nSize, nSize/100.0);
- memset(pdata, 0, nSize);
+ OPENSSL_cleanse(pdata, nSize);
printf("RandAddSeed() %lu bytes\n", nSize);
}
#endif