Zapping memory and C++ compatibility

Derek Atkins warlord at MIT.EDU
Sat Nov 21 07:51:16 EST 2009


I think the problem is that you cannot use a C-style cast to cast an
object to a void* pointer in C++.  You might need to use a 'static_cast'
to do so, which means you might need to do something like:

#ifdef __cplusplus
#define krb5int_zap_data(ptr, len) memset(static_cast<volatile void 
*>(ptr), 0,
len)
#else
#define krb5int_zap_data(ptr, len) memset((volatile void *)ptr, 0, len)
#endif

-derek

Quoting ghudson at MIT.EDU:

> Back in 2002 or so, people noticed that certain compilers (I think gcc
> 3.x and Visual C++) would sometimes optimize out a memset() which they
> could prove doesn't affect the execution of the program according to
> standardized behaviors (which doesn't include accessing stack garbage
> or the contents of core dumps or anything of that sort).  So, there
> was a lot of discussion about how to securely zero passwords or
> cryptographic keys.
>
> We had out own discussion, which you can review at
> http://mailman.mit.edu/pipermail/krbdev/2002-November/000871.html.
> The eventual upshot was this collection of macros or inlines:
>
> Win32: #define krb5int_zap_data(ptr, len) SecureZeroMemory(ptr, len)
> gcc:   static inline void krb5int_zap_data(void *ptr, size_t len) {
>       memset(ptr, 0, len); asm volatile ("" : : "g" (ptr), "g" (len)); }
> else:  #define krb5int_zap_data(ptr, len) memset((volatile void 
> *)ptr, 0, len)
>
> The last construction was based on the idea that a hypothetical
> compiler might see the cast through volatile void * and decide not to
> perform an optimization.  It's not clear to me how valid this
> reasoning is, since neither the proximal type (after the implicit cast
> to void * by the call to memset) nor the original type is volatile.
>
> Today's problem is that the last construction isn't valid C++.  We
> have a test case which tries passing k5-int.h through C++ compiler,
> and it now fails on Solaris with the native compiler.  It didn't fail
> before because the macro was never expanded within k5-int.h, but now
> it gets expanded by the new zapfree() inline function.
>
> So, I'm trying to figure out how to resolve this C++ compatibility
> issue without raising the likelihood of an information leakage
> vulnerability.  A possible choice is to make the macro more obviously
> wishy-washy by explicitly casting ptr back to void *:
>
>  memset((void *)(volatile void *)ptr, 0, len)
>
> Anyway, advice appreciated if anyone on the list has expertise in this
> issue.
> _______________________________________________
> krbdev mailing list             krbdev at mit.edu
> https://mailman.mit.edu/mailman/listinfo/krbdev
>



-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord at MIT.EDU                        PGP key available




More information about the krbdev mailing list