diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2016-09-24 23:26:39 +0200 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2016-10-17 18:40:14 +0200 |
commit | 183cbc087a7551e4335da212e93732a72a7570f0 (patch) | |
tree | 00ab34fc15e31ed29bda401d8fabb1be3a355b89 /src/Driver | |
parent | 194b641ebdf0a8bd8c090afc373643cba788825e (diff) | |
download | VeraCrypt-183cbc087a7551e4335da212e93732a72a7570f0.tar.gz VeraCrypt-183cbc087a7551e4335da212e93732a72a7570f0.zip |
Windows Driver: Erase sensitive boot memory before throwing fatal exception
Diffstat (limited to 'src/Driver')
-rw-r--r-- | src/Driver/DriveFilter.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c index a3d76b3a..9c53147b 100644 --- a/src/Driver/DriveFilter.c +++ b/src/Driver/DriveFilter.c @@ -424,7 +424,16 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password, Extension->Queue.CryptoInfo->EncryptedAreaStart.Value = BootArgs.DecoySystemPartitionStart; if (Extension->Queue.CryptoInfo->VolumeSize.Value > hiddenPartitionOffset - BootArgs.DecoySystemPartitionStart) + { + // Erase boot loader scheduled keys + if (mappedCryptoInfo) + { + burn (mappedCryptoInfo, BootArgs.CryptoInfoLength); + MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength); + BootArgs.CryptoInfoLength = 0; + } TC_THROW_FATAL_EXCEPTION; + } Dump ("RemappedAreaOffset = %I64d\n", Extension->Queue.RemappedAreaOffset); Dump ("RemappedAreaDataUnitOffset = %I64d\n", Extension->Queue.RemappedAreaDataUnitOffset); |