Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Newer
Older
100644 104 lines (90 sloc) 3.037 kB
2b18b6e @FooBarWidget Continue working on the EventedMessageServer stuff.
FooBarWidget authored
1 /*
2 * Phusion Passenger - http://www.modrails.com/
3 * Copyright (c) 2010 Phusion
4 *
5 * "Phusion Passenger" is a trademark of Hongli Lai & Ninh Bui.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #ifndef _PASSENGER_MEM_ZERO_GUARD_H_
26 #define _PASSENGER_MEM_ZERO_GUARD_H_
27
28 #include <string>
29
30 namespace Passenger {
31
32 using namespace std;
33
34
35 /**
36 * Fills the given memory space or string with zeroes when a MemoryZeroGuard object
37 * is destroyed. Useful for ensuring that buffers containing password data or
38 * other sensitive information is cleared when it goes out of scope.
39 */
40 class MemZeroGuard {
41 private:
42 void *data;
43 unsigned int size;
44 string *str;
45
46 static void securelyZeroMemory(volatile void *data, unsigned int size) {
47 /* We do not use memset() here because the compiler may
48 * optimize out memset() calls. Instead, the following
49 * code is guaranteed to zero the memory.
50 * http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/protect-secrets.html
51 */
52 volatile char *p = (volatile char *) data;
53 while (size--) {
54 *p++ = 0;
55 }
56 }
57
58 public:
59 /**
60 * Creates a new MemZeroGuard object with a memory region to zero.
61 *
62 * @param data The data to zero after destruction.
63 * @param size The size of the data.
64 * @pre data != NULL
65 */
66 MemZeroGuard(void *data, unsigned int size) {
67 this->data = data;
68 this->size = size;
69 this->str = NULL;
70 }
71
72 /**
73 * Creates a new MemoryZeroGuard object with a string to zero.
74 *
75 * @param str The string to zero after destruction.
76 */
77 MemZeroGuard(string &str) {
78 this->data = NULL;
47a11ef @FooBarWidget Fix a compilation warning.
FooBarWidget authored
79 this->size = 0;
2b18b6e @FooBarWidget Continue working on the EventedMessageServer stuff.
FooBarWidget authored
80 this->str = &str;
81 }
82
83 /**
84 * Zero the data immediately. The data will still be zeroed after
85 * destruction of this object.
86 */
87 void zeroNow() {
88 if (str == NULL) {
89 securelyZeroMemory(data, size);
90 } else {
91 securelyZeroMemory((volatile void *) str->c_str(), str->size());
92 }
93 }
94
95 ~MemZeroGuard() {
96 zeroNow();
97 }
98 };
99
100
101 } // namespace Passenger
102
103 #endif /* _PASSENGER_MEM_ZERO_GUARD_H_ */
Something went wrong with that request. Please try again.