Some attempt to clear the passphrase command-line argument from the memory.

This commit is contained in:
LoRd_MuldeR 2020-10-16 18:05:37 +02:00
parent 3683d2c450
commit 15a091cc49
Signed by: mulder
GPG Key ID: 2B5913365F57E03F
2 changed files with 15 additions and 3 deletions

View File

@ -16,6 +16,7 @@
#include <signal.h>
#define BUFF_SIZE 4096U
static const CHR *const ENVV_PASSWD_NAME = T("MCRYPT_PASSWD");
static volatile int g_interrupted = 0;
@ -114,6 +115,7 @@ static int encrypt(const char* const passphrase, const CHR* const input_path, co
}
FPUTS(T("Encrypting file contents, please be patient... "), stderr);
fflush(stderr);
uint64_t seed;
if (mcrypt_generate_seed(&seed) != MCRYPT_SUCCESS)
@ -140,6 +142,7 @@ static int encrypt(const char* const passphrase, const CHR* const input_path, co
uint8_t buffer[BUFF_SIZE];
FPRINTF(stderr, T("%5.1f%% "), 0.0);
fflush(stderr);
while (bytes_read < file_size)
{
@ -248,6 +251,7 @@ static int decrypt(const char* const passphrase, const CHR* const input_path, co
}
FPUTS(T("Decrypting file contents, please be patient... "), stderr);
fflush(stderr);
uint64_t seed;
if (fread(&seed, sizeof(uint64_t), 1U, file_in) < 1U)
@ -269,6 +273,7 @@ static int decrypt(const char* const passphrase, const CHR* const input_path, co
const uint64_t read_limit = file_size - sizeof(uint64_t);
FPRINTF(stderr, T("%5.1f%% "), 0.0);
fflush(stderr);
while (bytes_read < read_limit)
{
@ -445,12 +450,14 @@ static int self_test(void)
size_t completed = 0U;
FPRINTF(stderr, T("Self-test is running, please be patient... %2u/%2u "), (unsigned int)completed, (unsigned int)total);
fflush(stderr);
for (size_t i = 0U; i < 8U; ++i)
{
for (size_t j = 0U; test_data[j]; ++j)
{
FPRINTF(stderr, T("\b\b\b\b\b%2u/%2u"), (unsigned int)++completed, (unsigned int)total);
FPRINTF(stderr, T("\b\b\b\b\b\b%2u/%2u "), (unsigned int)++completed, (unsigned int)total);
fflush(stderr);
if (run_test(test_data[j]))
{
return 1;
@ -545,6 +552,8 @@ int MAIN(int argc, CHR* argv[])
return 1;
}
mcrypt_bzero((CHR*)passphrase, STRLEN(passphrase) * sizeof(CHR));
if (strlen(passphrase_buffer) < 12U)
{
FPUTS(T("Warning: Using a *short* passphrase; a length of 12 characters or more is recommended!\n\n"), stderr);
@ -587,6 +596,5 @@ exiting:
free(passphrase_buffer);
}
mcrypt_bzero((CHR*)passphrase, STRLEN(passphrase) * sizeof(CHR));
return result;
}

View File

@ -24,6 +24,8 @@
#define S_IFMT _S_IFMT
#define S_IFDIR _S_IFDIR
#define S_IFIFO _S_IFIFO
extern char *const _acmdln;
extern wchar_t *const _wcmdln;
#else
#if defined(__USE_LARGEFILE64) && (__USE_LARGEFILE64)
#define STAT_T struct stat64
@ -40,6 +42,8 @@ void init_terminal(void)
#ifdef _WIN32
SetErrorMode(SEM_FAILCRITICALERRORS | SEM_NOGPFAULTERRORBOX);
_setmode(_fileno(stderr), _O_U8TEXT);
if (_acmdln) SecureZeroMemory(_acmdln, strlen(_acmdln) * sizeof(char));
if (_wcmdln) SecureZeroMemory(_wcmdln, wcslen(_wcmdln) * sizeof(wchar_t));
#endif
}