Linux/MacOSX: Erase sensitive memory explicitly instead of relying on the compiler not optimizing calls to method Memory::Erase

2025-11-12 03:18:26 -06:00 · 2020-06-28 00:59:57 +02:00
parent fded83d25c
commit 885cc1d01d
7 changed files with 5 additions and 15 deletions
--- a/src/Platform/Buffer.cpp
+++ b/src/Platform/Buffer.cpp
@@ -77,7 +77,7 @@ namespace VeraCrypt
 	void Buffer::Erase ()
 	{
 		if (DataSize > 0)
-			Memory::Erase (DataPtr, DataSize);
+			burn (DataPtr, DataSize);
 	}

 	void Buffer::Free ()
--- a/src/Platform/Memory.cpp
+++ b/src/Platform/Memory.cpp
@@ -10,7 +10,6 @@
 code distribution packages.
 */

-#include "Common/Tcdefs.h"
 #include "Memory.h"
 #include "Exception.h"
 #include <stdlib.h>
@@ -62,11 +61,6 @@ namespace VeraCrypt
 		memcpy (memoryDestination, memorySource, size);
 	}

-	void Memory::Erase (void *memory, size_t size)
-	{
-		burn (memory, size);
-	}
-
 	void Memory::Zero (void *memory, size_t size)
 	{
 		memset (memory, 0, size);
--- a/src/Platform/Memory.h
+++ b/src/Platform/Memory.h
@@ -16,6 +16,7 @@
 #include <new>
 #include <memory.h>
 #include "PlatformBase.h"
+#include "Common/Tcdefs.h"

 #ifdef TC_WINDOWS

@@ -76,7 +77,6 @@ namespace VeraCrypt
 		static void *AllocateAligned (size_t size, size_t alignment);
 		static int Compare (const void *memory1, size_t size1, const void *memory2, size_t size2);
 		static void Copy (void *memoryDestination, const void *memorySource, size_t size);
-		static void Erase (void *memory, size_t size);
 		static void Free (void *memory);
 		static void FreeAligned (void *memory);
 		static void Zero (void *memory, size_t size);
--- a/src/Platform/StringConverter.cpp
+++ b/src/Platform/StringConverter.cpp
@@ -233,7 +233,7 @@ namespace VeraCrypt

 			str.clear();
 			str.insert (0, &buf.front(), size);
-			Memory::Erase (&buf.front(), buf.size());
+			burn (&buf.front(), buf.size());
 		}
 		catch (...)
 		{