Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: When scrubbing secrets in memory doesn't work

From: Michael Zimmermann <zim () vegaa de>
Date: Fri, 8 Nov 2002 17:23:34 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At Dienstag, 5. November 2002 23:13 Michael Howard wrote:

During the Windows Security Push in Feb/Mar 2002, we noticed an
'interesting' anomaly with code to scrub passwords that looks like this:

bool DoSensitiveStuff() {
      bool fOK = false;
      const size_t cbPwd = 64;
      char szPwd[cbPwd];
      if (GetUserPassword(szPwd,cbPwd-1))
              if (DoSomethingWithPassword(szPwd))
                      fOK = true;

      memset(szPwd,0,cbPwd);

      return fOK;
}


Not to declare the intermediate storage for sensitive
data as 'volatile' is a coding flaw. An esily overlooked
one, yes, but nevertheless... Like forgetting to protect
critical code with semaphores.

- -- 
Michael Zimmermann  (http://vegaa.de)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE9y+UG72vu22ltWBERAqduAJ0YGSuDIWmU1boNIq/BFObDfSxi8gCfV3Si
R07sgLDQFqsZ8Rz2xVclOA0=
=2qe3
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: