VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Driver
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2016-09-24 23:26:39 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2016-10-17 18:40:14 +0200
commit183cbc087a7551e4335da212e93732a72a7570f0 (patch)
tree00ab34fc15e31ed29bda401d8fabb1be3a355b89 /src/Driver
parent194b641ebdf0a8bd8c090afc373643cba788825e (diff)
downloadVeraCrypt-183cbc087a7551e4335da212e93732a72a7570f0.tar.gz
VeraCrypt-183cbc087a7551e4335da212e93732a72a7570f0.zip
Windows Driver: Erase sensitive boot memory before throwing fatal exception
Diffstat (limited to 'src/Driver')
-rw-r--r--src/Driver/DriveFilter.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c
index a3d76b3a..9c53147b 100644
--- a/src/Driver/DriveFilter.c
+++ b/src/Driver/DriveFilter.c
@@ -424,7 +424,16 @@ static NTSTATUS MountDrive (DriveFilterExtension *Extension, Password *password,
Extension->Queue.CryptoInfo->EncryptedAreaStart.Value = BootArgs.DecoySystemPartitionStart;
if (Extension->Queue.CryptoInfo->VolumeSize.Value > hiddenPartitionOffset - BootArgs.DecoySystemPartitionStart)
+ {
+ // Erase boot loader scheduled keys
+ if (mappedCryptoInfo)
+ {
+ burn (mappedCryptoInfo, BootArgs.CryptoInfoLength);
+ MmUnmapIoSpace (mappedCryptoInfo, BootArgs.CryptoInfoLength);
+ BootArgs.CryptoInfoLength = 0;
+ }
TC_THROW_FATAL_EXCEPTION;
+ }
Dump ("RemappedAreaOffset = %I64d\n", Extension->Queue.RemappedAreaOffset);
Dump ("RemappedAreaDataUnitOffset = %I64d\n", Extension->Queue.RemappedAreaDataUnitOffset);