VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/Library
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2016-09-26 07:56:26 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2016-10-17 18:17:48 +0200
commitc97186ae96d4835841b02d377a9002d078a6f83b (patch)
tree80789b09c967f6b1aad9d36108bb729f216aebe4 /Library
parent224b1cc286122b8aca5002fec31ed0390b299403 (diff)
downloadVeraCrypt-DCS-c97186ae96d4835841b02d377a9002d078a6f83b.tar.gz
VeraCrypt-DCS-c97186ae96d4835841b02d377a9002d078a6f83b.zip
Ensure sensitive memory is correctly erased.
Diffstat (limited to 'Library')
-rw-r--r--Library/DcsCfgLib/GptEdit.c2
-rw-r--r--Library/PasswordLib/ConsolePassword.c1
-rw-r--r--Library/PasswordLib/PicturePassword.c2
-rw-r--r--Library/VeraCryptLib/DcsVeraCrypt.c1
4 files changed, 6 insertions, 0 deletions
diff --git a/Library/DcsCfgLib/GptEdit.c b/Library/DcsCfgLib/GptEdit.c
index f814975..a33d3ca 100644
--- a/Library/DcsCfgLib/GptEdit.c
+++ b/Library/DcsCfgLib/GptEdit.c
@@ -903,6 +903,8 @@ DeListPwdCacheEdit()
DePwdCache->CRC = 0;
res =gBS->CalculateCrc32(DePwdCache, 512, &crc);
DePwdCache->CRC = crc;
+ burn (&pwd, sizeof(pwd));
+ burn (&pim, sizeof(pim));
return res;
}
diff --git a/Library/PasswordLib/ConsolePassword.c b/Library/PasswordLib/ConsolePassword.c
index c195b48..1b8c48a 100644
--- a/Library/PasswordLib/ConsolePassword.c
+++ b/Library/PasswordLib/ConsolePassword.c
@@ -116,6 +116,7 @@ AskConsolePwdInt(
} while (key.UnicodeChar != CHAR_CARRIAGE_RETURN);
if (length != NULL) *length = count;
+ burn (&key, sizeof (key));
// Set end of line
if (asciiLine != NULL) {
asciiLine[count] = '\0';
diff --git a/Library/PasswordLib/PicturePassword.c b/Library/PasswordLib/PicturePassword.c
index 67ffcbe..886ffcd 100644
--- a/Library/PasswordLib/PicturePassword.c
+++ b/Library/PasswordLib/PicturePassword.c
@@ -628,6 +628,8 @@ AskPictPwdInt(
pwdAction = PwdActNone;
} while (TRUE);
+ burn (&key, sizeof (key));
+ burn (&pwdNewChar, sizeof (pwdNewChar));
gBS->CloseEvent(InputEvents[1]);
gBS->CloseEvent(UpdateEvent);
gBS->CloseEvent(BeepOffEvent);
diff --git a/Library/VeraCryptLib/DcsVeraCrypt.c b/Library/VeraCryptLib/DcsVeraCrypt.c
index ba92931..1b6cd35 100644
--- a/Library/VeraCryptLib/DcsVeraCrypt.c
+++ b/Library/VeraCryptLib/DcsVeraCrypt.c
@@ -391,4 +391,5 @@ ApplyKeyFile(
if (password->Length < (int)sizeof(keyPool))
password->Length = sizeof(keyPool);
+ burn (keyPool, sizeof(keyPool));
} \ No newline at end of file