authorMounir IDRASSI <mounir.idrassi@idrix.fr>2015-02-08 22:41:37 (GMT)
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2015-02-09 10:01:16 (GMT)
commit516da2229d66232f8c6ad84f5fecbdfc8c8f9f67 (patch)
tree692199bfe2d61f553d738eccab77c6f0bf557e17 /src/Driver/DriveFilter.c
parent28a9eaf0e3e516e61e7a0585e6b7c9e7465bd342 (diff)
Static Code Analysis: in Windows Driver, avoid using uninitialized stack memory as a random source and use proper random values for the wipe operation. Solve a potential double-free issue.
Diffstat (limited to 'src/Driver/DriveFilter.c')
-rw-r--r--src/Driver/DriveFilter.c39
1 files changed, 39 insertions, 0 deletions
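diff --git a/src/Driver/DriveFilter.c b/src/Driver/DriveFilter.c
index df1e235..73a1a53 100644
--- a/src/Driver/DriveFilter.c
+++ b/src/Driver/DriveFilter.c
@@ -1176,6 +1176,36 @@ static VOID SetupThreadProc (PVOID threadArg)
 KIRQL irql;
 NTSTATUS status;
+ // generate real random values for wipeRandChars and
+ // wipeRandCharsUpdate instead of relying on uninitialized stack memory
+ LARGE_INTEGER iSeed;
+ KeQuerySystemTime( &iSeed );
+ if (KeGetCurrentIrql() < DISPATCH_LEVEL)
+ {
+ ULONG ulRandom;
+ ulRandom = RtlRandomEx( &iSeed.LowPart );
+ memcpy (wipeRandChars, &ulRandom, TC_WIPE_RAND_CHAR_COUNT);
+ ulRandom = RtlRandomEx( &ulRandom );
+ memcpy (wipeRandCharsUpdate, &ulRandom, TC_WIPE_RAND_CHAR_COUNT);
+ burn (&ulRandom, sizeof(ulRandom));
+ }
+ else
+ {
+ byte digest[SHA512_DIGESTSIZE];
+ sha512_ctx tctx;
+ sha512_begin (&tctx);
+ sha512_hash ((unsigned char *) &(iSeed.QuadPart), sizeof(iSeed.QuadPart), &tctx);
+ sha512_end (digest, &tctx);
+
+ memcpy (wipeRandChars, digest, TC_WIPE_RAND_CHAR_COUNT);
+ memcpy (wipeRandCharsUpdate, &digest[SHA512_DIGESTSIZE - TC_WIPE_RAND_CHAR_COUNT], TC_WIPE_RAND_CHAR_COUNT);
+
+ burn (digest, SHA512_DIGESTSIZE);
+ burn (&tctx, sizeof (tctx));
+ }
+
+ burn (&iSeed, sizeof(iSeed));
+
 SetupResult = STATUS_UNSUCCESSFUL;
 // Make sure volume header can be updated
@@ -1475,9 +1505,18 @@ err:
 ret:
 if (buffer)
+ {
+ burn (buffer, TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE);
 TCfree (buffer);
+ }
 if (wipeBuffer)
+ {
+ burn (wipeBuffer, TC_ENCRYPTION_SETUP_IO_BLOCK_SIZE);
 TCfree (wipeBuffer);
+ }
+
+ burn (wipeRandChars, TC_WIPE_RAND_CHAR_COUNT);
+ burn (wipeRandCharsUpdate, TC_WIPE_RAND_CHAR_COUNT);
 SetupInProgress = FALSE;
 PsTerminateSystemThread (SetupResult);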
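Review bot: In the first hunk, `memcpy (wipeRandChars, &ulRandom, TC_WIPE_RAND_CHAR_COUNT)` and the matching `wipeRandCharsUpdate` copy take their length from a constant unrelated to the 4-byte `ULONG` they read from, so the branch silently depends on TC_WIPE_RAND_CHAR_COUNT being no larger than sizeof(ULONG) and becomes a stack over-read if that constant ever grows. Pin the assumption next to the declaration, `C_ASSERT (TC_WIPE_RAND_CHAR_COUNT <= sizeof (ULONG));`, or fill both arrays from the SHA-512 digest on every path so the copy length is bounded by the digest size instead. Separately, both branches derive their bytes solely from the KeQuerySystemTime value, so the wipe pattern is reproducible by anyone who knows the approximate time; if that matters for the wipe, the new comment should say these values are merely "not uninitialized memory" rather than unpredictable. SetupThreadProc's body continues outside the hunk on both sides.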