Some attempt to clear the passphrase command-line argument from the memory.
This commit is contained in:
parent
3683d2c450
commit
15a091cc49
@ -16,6 +16,7 @@
|
||||
#include <signal.h>
|
||||
|
||||
#define BUFF_SIZE 4096U
|
||||
|
||||
static const CHR *const ENVV_PASSWD_NAME = T("MCRYPT_PASSWD");
|
||||
static volatile int g_interrupted = 0;
|
||||
|
||||
@ -114,6 +115,7 @@ static int encrypt(const char* const passphrase, const CHR* const input_path, co
|
||||
}
|
||||
|
||||
FPUTS(T("Encrypting file contents, please be patient... "), stderr);
|
||||
fflush(stderr);
|
||||
|
||||
uint64_t seed;
|
||||
if (mcrypt_generate_seed(&seed) != MCRYPT_SUCCESS)
|
||||
@ -140,6 +142,7 @@ static int encrypt(const char* const passphrase, const CHR* const input_path, co
|
||||
uint8_t buffer[BUFF_SIZE];
|
||||
|
||||
FPRINTF(stderr, T("%5.1f%% "), 0.0);
|
||||
fflush(stderr);
|
||||
|
||||
while (bytes_read < file_size)
|
||||
{
|
||||
@ -248,6 +251,7 @@ static int decrypt(const char* const passphrase, const CHR* const input_path, co
|
||||
}
|
||||
|
||||
FPUTS(T("Decrypting file contents, please be patient... "), stderr);
|
||||
fflush(stderr);
|
||||
|
||||
uint64_t seed;
|
||||
if (fread(&seed, sizeof(uint64_t), 1U, file_in) < 1U)
|
||||
@ -269,6 +273,7 @@ static int decrypt(const char* const passphrase, const CHR* const input_path, co
|
||||
const uint64_t read_limit = file_size - sizeof(uint64_t);
|
||||
|
||||
FPRINTF(stderr, T("%5.1f%% "), 0.0);
|
||||
fflush(stderr);
|
||||
|
||||
while (bytes_read < read_limit)
|
||||
{
|
||||
@ -445,12 +450,14 @@ static int self_test(void)
|
||||
|
||||
size_t completed = 0U;
|
||||
FPRINTF(stderr, T("Self-test is running, please be patient... %2u/%2u "), (unsigned int)completed, (unsigned int)total);
|
||||
fflush(stderr);
|
||||
|
||||
for (size_t i = 0U; i < 8U; ++i)
|
||||
{
|
||||
for (size_t j = 0U; test_data[j]; ++j)
|
||||
{
|
||||
FPRINTF(stderr, T("\b\b\b\b\b%2u/%2u"), (unsigned int)++completed, (unsigned int)total);
|
||||
FPRINTF(stderr, T("\b\b\b\b\b\b%2u/%2u "), (unsigned int)++completed, (unsigned int)total);
|
||||
fflush(stderr);
|
||||
if (run_test(test_data[j]))
|
||||
{
|
||||
return 1;
|
||||
@ -545,6 +552,8 @@ int MAIN(int argc, CHR* argv[])
|
||||
return 1;
|
||||
}
|
||||
|
||||
mcrypt_bzero((CHR*)passphrase, STRLEN(passphrase) * sizeof(CHR));
|
||||
|
||||
if (strlen(passphrase_buffer) < 12U)
|
||||
{
|
||||
FPUTS(T("Warning: Using a *short* passphrase; a length of 12 characters or more is recommended!\n\n"), stderr);
|
||||
@ -587,6 +596,5 @@ exiting:
|
||||
free(passphrase_buffer);
|
||||
}
|
||||
|
||||
mcrypt_bzero((CHR*)passphrase, STRLEN(passphrase) * sizeof(CHR));
|
||||
return result;
|
||||
}
|
||||
|
@ -24,6 +24,8 @@
|
||||
#define S_IFMT _S_IFMT
|
||||
#define S_IFDIR _S_IFDIR
|
||||
#define S_IFIFO _S_IFIFO
|
||||
extern char *const _acmdln;
|
||||
extern wchar_t *const _wcmdln;
|
||||
#else
|
||||
#if defined(__USE_LARGEFILE64) && (__USE_LARGEFILE64)
|
||||
#define STAT_T struct stat64
|
||||
@ -40,6 +42,8 @@ void init_terminal(void)
|
||||
#ifdef _WIN32
|
||||
SetErrorMode(SEM_FAILCRITICALERRORS | SEM_NOGPFAULTERRORBOX);
|
||||
_setmode(_fileno(stderr), _O_U8TEXT);
|
||||
if (_acmdln) SecureZeroMemory(_acmdln, strlen(_acmdln) * sizeof(char));
|
||||
if (_wcmdln) SecureZeroMemory(_wcmdln, wcslen(_wcmdln) * sizeof(wchar_t));
|
||||
#endif
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user