Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Newer
Older
100644 104 lines (90 sloc) 3.037 kb
2b18b6e Hongli Lai Continue working on the EventedMessageServer stuff.
FooBarWidget authored
1 /*
2 * Phusion Passenger - http://www.modrails.com/
3 * Copyright (c) 2010 Phusion
4 *
5 * "Phusion Passenger" is a trademark of Hongli Lai & Ninh Bui.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #ifndef _PASSENGER_MEM_ZERO_GUARD_H_
26 #define _PASSENGER_MEM_ZERO_GUARD_H_
27
28 #include <string>
29
30 namespace Passenger {
31
32 using namespace std;
33
34
35 /**
36 * Fills the given memory space or string with zeroes when a MemoryZeroGuard object
37 * is destroyed. Useful for ensuring that buffers containing password data or
38 * other sensitive information is cleared when it goes out of scope.
39 */
40 class MemZeroGuard {
41 private:
42 void *data;
43 unsigned int size;
44 string *str;
45
46 static void securelyZeroMemory(volatile void *data, unsigned int size) {
47 /* We do not use memset() here because the compiler may
48 * optimize out memset() calls. Instead, the following
49 * code is guaranteed to zero the memory.
50 * http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/protect-secrets.html
51 */
52 volatile char *p = (volatile char *) data;
53 while (size--) {
54 *p++ = 0;
55 }
56 }
57
58 public:
59 /**
60 * Creates a new MemZeroGuard object with a memory region to zero.
61 *
62 * @param data The data to zero after destruction.
63 * @param size The size of the data.
64 * @pre data != NULL
65 */
66 MemZeroGuard(void *data, unsigned int size) {
67 this->data = data;
68 this->size = size;
69 this->str = NULL;
70 }
71
72 /**
73 * Creates a new MemoryZeroGuard object with a string to zero.
74 *
75 * @param str The string to zero after destruction.
76 */
77 MemZeroGuard(string &str) {
78 this->data = NULL;
47a11ef Hongli Lai Fix a compilation warning.
FooBarWidget authored
79 this->size = 0;
2b18b6e Hongli Lai Continue working on the EventedMessageServer stuff.
FooBarWidget authored
80 this->str = &str;
81 }
82
83 /**
84 * Zero the data immediately. The data will still be zeroed after
85 * destruction of this object.
86 */
87 void zeroNow() {
88 if (str == NULL) {
89 securelyZeroMemory(data, size);
90 } else {
91 securelyZeroMemory((volatile void *) str->c_str(), str->size());
92 }
93 }
94
95 ~MemZeroGuard() {
96 zeroNow();
97 }
98 };
99
100
101 } // namespace Passenger
102
103 #endif /* _PASSENGER_MEM_ZERO_GUARD_H_ */
Something went wrong with that request. Please try again.