  1. Thrift
  2. THRIFT-1844

Password string not cleared

Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.9
    • Fix Version/s: 0.9.3
    • Component/s: C++ - Library
    • Labels: None
    • Environment: SSL connection with authentication
    • Patch Info: Patch

    Description

      The function handling the SSL password receives a memory copy of the password which is then passed down to the OpenSSL library. The intermediate buffer used to get the password is not cleared once used up.

      This is a (rather low) security issue in case a memory scraper was used. The buffer should be cleared once not necessary anymore.

      The current function (in 0.9.0) looks like this:

      int TSSLSocketFactory::passwordCallback(char* password,
                                              int size,
                                              int,
                                              void* data) {
        TSSLSocketFactory* factory = (TSSLSocketFactory*)data;
        string userPassword;
        factory->getPassword(userPassword, size);
        int length = userPassword.size();
        if (length > size) {
          length = size;
        }
        strncpy(password, userPassword.c_str(), length);
        return length;
      }
      

      After the strncpy() I would suggest something like this:

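      // Overwrite the local copy of the password after it has been copied out.
      // Start at size() - 1: index size() is the string's terminator, not password data.
      for (int i = static_cast<int>(userPassword.size()) - 1; i >= 0; --i) {
        userPassword[i] = '*';
      }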
      

      Note that we cannot use the variable size because it gets modified and thus does not represent the whole password size at that point.
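
An added example, not part of the original report or of the Thrift code base: the same copy-then-clear sequence, with the wipe done through a volatile pointer so the compiler cannot drop it as a dead store, and covering the string's whole capacity. The names `secure_wipe`, `wipe_string` and `copy_password_and_wipe` are hypothetical, and the sample password is constructed.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <string>

// Zero a buffer through a volatile pointer so the stores cannot be dropped
// as dead writes. OPENSSL_cleanse() does this job when OpenSSL is linked.
void secure_wipe(void* p, std::size_t n) {
  volatile unsigned char* v = static_cast<volatile unsigned char*>(p);
  while (n--) *v++ = 0;
}

// Wipe the whole allocation, not just size(): bytes between size() and
// capacity() can still hold earlier, longer contents.
void wipe_string(std::string& s) {
  s.resize(s.capacity());            // stays within capacity, no reallocation
  if (!s.empty()) secure_wipe(&s[0], s.size());
  s.clear();
}

// Body of a password callback (hypothetical name): copy at most `size`
// bytes to the caller's buffer, then clear the intermediate std::string.
int copy_password_and_wipe(char* password, int size, std::string& userPassword) {
  int length = static_cast<int>(userPassword.size());
  if (length > size) length = size;
  if (length < 0) length = 0;        // defensive: negative size from caller
  std::memcpy(password, userPassword.data(), static_cast<std::size_t>(length));
  wipe_string(userPassword);         // clears every byte, whatever `length` is
  return length;
}

int main() {
  char out[32] = {0};
  std::string pw = "constructed-passphrase";   // constructed sample value
  int n = copy_password_and_wipe(out, static_cast<int>(sizeof(out)), pw);
  std::printf("copied %d bytes, intermediate empty: %d\n", n, pw.empty());
  secure_wipe(out, sizeof(out));     // the caller's copy needs clearing too
  return 0;
}
```

Wiping the local string does not reach other copies of the password, such as the one held by whatever supplies it to `getPassword()`.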

          People

            Assignee: Unassigned
            Reporter: Alexis Wilke (alexiswilke)