VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Common/Volumes.c
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2016-10-01 22:54:48 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2016-10-17 18:40:22 +0200
commit34f3c055ed6c0031bdc927305eab06ae94f79b99 (patch)
treed4312e0ba9c4e128763a62d1e28604460d3eb391 /src/Common/Volumes.c
parent8e2c5ca45ee2e7d16dd45e96e403d85a6ccdc7f0 (diff)
downloadVeraCrypt-34f3c055ed6c0031bdc927305eab06ae94f79b99.tar.gz
VeraCrypt-34f3c055ed6c0031bdc927305eab06ae94f79b99.zip
Windows: in function CreateVolumeHeaderInMemory, properly unlock and erase sensitive stack memory.
Diffstat (limited to 'src/Common/Volumes.c')
-rw-r--r--src/Common/Volumes.c27
1 files changed, 19 insertions, 8 deletions
diff --git a/src/Common/Volumes.c b/src/Common/Volumes.c
index 0940941d..c7f5ce09 100644
--- a/src/Common/Volumes.c
+++ b/src/Common/Volumes.c
@@ -870,7 +870,8 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
#endif
{
crypto_close (cryptoInfo);
- return ERR_CIPHER_INIT_WEAK_KEY;
+ retVal = ERR_CIPHER_INIT_WEAK_KEY;
+ goto err;
}
}
else
@@ -912,7 +913,8 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
#endif
{
crypto_close (cryptoInfo);
- return ERR_CIPHER_INIT_WEAK_KEY;
+ retVal = ERR_CIPHER_INIT_WEAK_KEY;
+ goto err;
}
if (password)
@@ -961,7 +963,8 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
#endif
{
crypto_close (cryptoInfo);
- return ERR_CIPHER_INIT_WEAK_KEY;
+ retVal = ERR_CIPHER_INIT_WEAK_KEY;
+ goto err;
}
}
@@ -1045,14 +1048,15 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
if (retVal != ERR_SUCCESS)
{
crypto_close (cryptoInfo);
- return retVal;
+ goto err;
}
// Mode of operation
if (!EAInitMode (cryptoInfo))
{
crypto_close (cryptoInfo);
- return ERR_OUTOFMEMORY;
+ retVal = ERR_OUTOFMEMORY;
+ goto err;
}
@@ -1069,7 +1073,7 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
if (retVal != ERR_SUCCESS)
{
crypto_close (cryptoInfo);
- return retVal;
+ goto err;
}
memcpy (cryptoInfo->master_keydata, keyInfo.master_keydata, MASTER_KEYDATA_SIZE);
@@ -1086,7 +1090,8 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
if (!EAInitMode (cryptoInfo))
{
crypto_close (cryptoInfo);
- return ERR_OUTOFMEMORY;
+ retVal = ERR_OUTOFMEMORY;
+ goto err;
}
@@ -1132,10 +1137,16 @@ int CreateVolumeHeaderInMemory (HWND hwndDlg, BOOL bBoot, char *header, int ea,
}
#endif // #ifdef VOLFORMAT
+ *retInfo = cryptoInfo;
+
+err:
burn (dk, sizeof(dk));
burn (&keyInfo, sizeof (keyInfo));
+#if !defined(_UEFI)
+ VirtualUnlock (&keyInfo, sizeof (keyInfo));
+ VirtualUnlock (&dk, sizeof (dk));
+#endif // !defined(_UEFI)
- *retInfo = cryptoInfo;
return 0;
}