diff options
| author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2016-09-26 07:56:26 +0200 |
|---|---|---|
| committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2016-10-17 18:17:48 +0200 |
| commit | c97186ae96d4835841b02d377a9002d078a6f83b (patch) | |
| tree | 80789b09c967f6b1aad9d36108bb729f216aebe4 /DcsInt | |
| parent | 224b1cc286122b8aca5002fec31ed0390b299403 (diff) | |
| download | VeraCrypt-DCS-c97186ae96d4835841b02d377a9002d078a6f83b.tar.gz VeraCrypt-DCS-c97186ae96d4835841b02d377a9002d078a6f83b.zip | |
Ensure sensitive memory is correctly erased.
Diffstat (limited to 'DcsInt')
| -rw-r--r-- | DcsInt/DcsInt.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/DcsInt/DcsInt.c b/DcsInt/DcsInt.c index 46398c9..b2fa76c 100644 --- a/DcsInt/DcsInt.c +++ b/DcsInt/DcsInt.c @@ -156,8 +156,8 @@ PrepareBootParams( SetSecRegionParamsMemory();
// Clean auth data
- ZeroMem(&gAuthPassword, sizeof(gAuthPassword));
- gAuthPim = 0;
+ burn(&gAuthPassword, sizeof(gAuthPassword));
+ burn(&gAuthPim, sizeof(gAuthPim));
return EFI_SUCCESS;
}
@@ -536,6 +536,7 @@ SecRegionChangePwd() { }
VCAskPwd(AskPwdConfirm, &confirmPassword);
if (gAuthPwdCode == AskPwdRetCancel) {
+ burn(&newPassword, sizeof(newPassword));
return EFI_NOT_READY;
}
if (newPassword.Length == confirmPassword.Length) {
@@ -921,15 +922,15 @@ VirtualNotifyEvent( {
// Clean all sensible info and keys before transfer to OS
if (SecRegionCryptInfo != NULL) {
- ZeroMem(SecRegionCryptInfo, sizeof(*SecRegionCryptInfo));
+ burn(SecRegionCryptInfo, sizeof(*SecRegionCryptInfo));
}
if (gRnd != NULL) {
- ZeroMem(gRnd, sizeof(*gRnd));
+ burn(gRnd, sizeof(*gRnd));
}
if (SecRegionData != NULL) {
- ZeroMem(SecRegionData, SecRegionSize);
+ burn(SecRegionData, SecRegionSize);
}
}
|