Re: When scrubbing secrets in memory doesn't work

From: Michael Zimmermann (zimat_private)
Date: Fri Nov 08 2002 - 08:23:34 PST


    At Tuesday, 5 November 2002 23:13 Michael Howard wrote:
    > During the Windows Security Push in Feb/Mar 2002, we noticed an
    > 'interesting' anomaly with code to scrub passwords that looks like this:
    >
    > bool DoSensitiveStuff() {
    > 	bool fOK = false;
    > 	const size_t cbPwd = 64;
    > 	char szPwd[cbPwd];
    > 	if (GetUserPassword(szPwd,cbPwd-1))
    > 		if (DoSomethingWithPassword(szPwd))
    > 			fOK = true;
    >
    > 	memset(szPwd,0,cbPwd);
    >
    > 	return fOK;
    > }
    
    Not to declare the intermediate storage for sensitive
    data as 'volatile' is a coding flaw. An easily overlooked
    one, yes, but nevertheless... Like forgetting to protect
    critical code with semaphores.
    
    - -- 
    Michael Zimmermann  (http://vegaa.de)
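An added example, not part of either poster's message: the quoted function with its final memset() replaced by a scrub that writes through a volatile-qualified pointer, one common way to apply the 'volatile' qualifier discussed above without changing the buffer's type for the other calls. The bodies of GetUserPassword and DoSomethingWithPassword, the helpers scrub and count_nonzero, and the sample password are assumptions made up for this illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-ins for the functions named in the quoted code. */
static bool GetUserPassword(char *buf, size_t cb) {
    static const char sample[] = "constructed-sample-pw"; /* constructed value */
    if (cb < sizeof sample)
        return false;
    memcpy(buf, sample, sizeof sample);
    return true;
}

static bool DoSomethingWithPassword(const char *pwd) {
    return strlen(pwd) > 0;
}

/* Zero n bytes through a volatile-qualified pointer. Every store is a
 * volatile access, so compilers do not discard the loop as a dead store,
 * which is what can happen to a memset() on a local about to go out of scope. */
void scrub(void *p, size_t n) {
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--)
        *vp++ = 0;
}

/* Helper for checking a scrub: number of non-zero bytes left in a buffer. */
size_t count_nonzero(const void *p, size_t n) {
    const unsigned char *b = (const unsigned char *)p;
    size_t left = 0;
    for (size_t i = 0; i < n; i++)
        left += (b[i] != 0);
    return left;
}

bool DoSensitiveStuff(void) {
    bool fOK = false;
    char szPwd[64];
    if (GetUserPassword(szPwd, sizeof szPwd - 1))
        if (DoSomethingWithPassword(szPwd))
            fOK = true;
    scrub(szPwd, sizeof szPwd); /* replaces memset(szPwd,0,cbPwd) */
    return fOK;
}

int main(void) {
    return DoSensitiveStuff() ? 0 : 1;
}
```

To confirm the stores survive optimization, compile with optimization enabled and look for the zeroing loop in the generated assembly of DoSensitiveStuff.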
    



    This archive was generated by hypermail 2b30 : Sat Nov 09 2002 - 08:50:19 PST