aboutsummaryrefslogtreecommitdiff
path: root/src/allocators.h
diff options
context:
space:
mode:
authorPhilip Kaufmann <phil.kaufmann@t-online.de>2012-11-08 19:38:49 +0100
committerPhilip Kaufmann <phil.kaufmann@t-online.de>2012-11-09 12:53:53 +0100
commit0f8a6477825fbaad0d37233bdd3011d748f607ab (patch)
treee4ef0256d9b5bccac47b3e9c901960d403bbdcbe /src/allocators.h
parent16d9d61f99c2e081585e6634d25da3523804eabf (diff)
don't use memset() in privacy/security relevant code parts
As memset() can be optimized out by a compiler it should not be used in privacy/security relevant code parts. OpenSSL provides the safe OPENSSL_cleanse() function in crypto.h, which perfectly does the job of clean and overwrite data. For details see: http://www.viva64.com/en/b/0178/ - change memset() to OPENSSL_cleanse() where appropriate - change a hard-coded number from netbase.cpp into a sizeof()
Diffstat (limited to 'src/allocators.h')
-rw-r--r--src/allocators.h5
1 files changed, 3 insertions, 2 deletions
diff --git a/src/allocators.h b/src/allocators.h
index 99afa10c25..eb2aed6721 100644
--- a/src/allocators.h
+++ b/src/allocators.h
@@ -9,6 +9,7 @@
#include <string>
#include <boost/thread/mutex.hpp>
#include <map>
+#include <openssl/crypto.h> // for OPENSSL_cleanse()
#ifdef WIN32
#ifdef _WIN32_WINNT
@@ -212,7 +213,7 @@ struct secure_allocator : public std::allocator<T>
{
if (p != NULL)
{
- memset(p, 0, sizeof(T) * n);
+ OPENSSL_cleanse(p, sizeof(T) * n);
LockedPageManager::instance.UnlockRange(p, sizeof(T) * n);
}
std::allocator<T>::deallocate(p, n);
@@ -246,7 +247,7 @@ struct zero_after_free_allocator : public std::allocator<T>
void deallocate(T* p, std::size_t n)
{
if (p != NULL)
- memset(p, 0, sizeof(T) * n);
+ OPENSSL_cleanse(p, sizeof(T) * n);
std::allocator<T>::deallocate(p, n);
}
};