diff options
author | Philip Kaufmann <phil.kaufmann@t-online.de> | 2012-11-08 19:38:49 +0100 |
---|---|---|
committer | Luke Dashjr <luke-jr+git@utopios.org> | 2012-11-12 23:55:22 +0000 |
commit | ff31f1fa10e2062465520ad8a3ff846c23b7a96f (patch) | |
tree | 2e74096d2185209048cf1523409d3d7a03ac5ca6 /src/base58.h | |
parent | 71f7ccf1ec625a7203b47eb7fcb830034d82b627 (diff) | |
download | bitcoin-ff31f1fa10e2062465520ad8a3ff846c23b7a96f.tar.xz |
don't use memset() in privacy/security relevant code parts
As memset() can be optimized out by a compiler it should not be used in
privacy/security relevant code parts. OpenSSL provides the safe
OPENSSL_cleanse() function in crypto.h, which perfectly does the job of
clean and overwrite data.
For details see: http://www.viva64.com/en/b/0178/
- change memset() to OPENSSL_cleanse() where appropriate
- change a hard-coded number from netbase.cpp into a sizeof()
Diffstat (limited to 'src/base58.h')
-rw-r--r-- | src/base58.h | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/base58.h b/src/base58.h index 78cb40f11d..ff0dad791c 100644 --- a/src/base58.h +++ b/src/base58.h @@ -17,6 +17,8 @@ #include <string> #include <vector> +#include <openssl/crypto.h> // for OPENSSL_cleanse() + #include "bignum.h" #include "key.h" @@ -189,7 +191,7 @@ protected: { // zero the memory, as it may contain sensitive data if (!vchData.empty()) - memset(&vchData[0], 0, vchData.size()); + OPENSSL_cleanse(&vchData[0], vchData.size()); } void SetData(int nVersionIn, const void* pdata, size_t nSize) @@ -220,7 +222,7 @@ public: vchData.resize(vchTemp.size() - 1); if (!vchData.empty()) memcpy(&vchData[0], &vchTemp[1], vchData.size()); - memset(&vchTemp[0], 0, vchTemp.size()); + OPENSSL_cleanse(&vchTemp[0], vchData.size()); return true; } |