Vulnerability Development mailing list archives
RE: Software leaves encryption keys, passwords lying around in me mory
From: Michael Wojcik <Michael.Wojcik () microfocus com>
Date: Wed, 30 Oct 2002 11:48:30 -0800
From: pgut001 () cs auckland ac nz [mailto:pgut001 () cs auckland ac nz] Sent: Wednesday, October 30, 2002 11:12 AM
The problem he points out is that clearing sensitive information such as encryption keys from memory may not work as expected because an optimising compiler removes the memset() if it decides it's redundant.
setmem.c: #include <stddef.h> #include <string.h> void *setmem(void *s, int c, size_t n) {return memset(s, c, n);} other modules: #include <stddef.h> #include <string.h> extern void *setmem(void *, int, size_t); and replace sensitive-data memset with setmem. It's an external function, so only compilers that can eliminate zero-effect code across translation units can remove the call. No "tricks" required, and it'll work with every compiler I'm familiar with, for the price of one or two function calls. (Two in the case where the original memset could have been inlined, but typically the amount of sensitive data being cleared is negligible.) If you don't want to edit source, and memset performance isn't absolutely critical, you can just -Dmemset=setmem when compiling existing source and link with setmem.o (modulo development environment conventions of course). Michael Wojcik Principal Software Systems Developer, Micro Focus
Current thread:
- RE: Software leaves encryption keys, passwords lying around in me mory Michael Wojcik (Oct 30)
- <Possible follow-ups>
- RE: Software leaves encryption keys, passwords lying around in me mory Michael Wojcik (Oct 31)