[fpc-pascal] Processing passwords etc.
Mark Morgan Lloyd
markMLl.fpc-pascal at telemetry.co.uk
Fri Apr 11 21:39:15 CEST 2014
waldo kitty wrote:
> On 4/11/2014 5:03 AM, Michael Van Canneyt wrote:
>> The main point is that in FPC you can install a memory manager that
>> wipes out
>> any memory when getting or releasing it, if you want to make your
>> software more
>> secure that way.
> how would one go about doing this? i learned in my TP3/6 days to use
> fillchar on everything to ensure that it was filled with 0x00...
> especially my data files... when looking at them with a hex editor, my
> OCD would hit strongly because the data file was "not clean and holding
> only my data"...
The ideal is to overwrite sensitive data with random bytes, since even
the length of a zero block can be useful to an attacker.
> i don't know how one would go about cleaning released memory as someone
> else asked about (eg: extending an array or string or etc)... once the
> memory is released, it is no longer accessible, right?
But since the deallocated memory is going to a local heap, sooner or
later you're likely to get that back as a new block. That, as I
understand it, is what happened in OpenSSL.
The worst case would be if a cautious programmer zeroed everything that
he was freeing explicitly, without realising that any strings he
extended were going back into the heap intact so now stood out like a
sore thumb. Anybody who was able to inspect the heap would see only
strings that had subsequently been expanded:
password := getFromUser(); // Probably about 7 chars
password += #$00 + systemName(); // Leaves password on heap
zeroString(password) // Length doesn't change
end; // Zeroed block freed to heap
Mark Morgan Lloyd
markMLl .AT. telemetry.co .DOT. uk
[Opinions above are the author's, not those of his employers or colleagues]
More information about the fpc-pascal