[OTR-dev] Secure memory
Ian Goldberg
ian at cypherpunks.ca
Sun Apr 12 04:41:41 EDT 2015
On Sun, Apr 12, 2015 at 01:07:10AM +0200, jvoisin wrote:
> Hello,
> while playing with compiler optimization and reading the norm to write a
> nice wipe_memory(char* mem, size_t len) function, I stumbled upon issue
> 23[1]. It seems that libgcrypt can now provide secure memory to
> applications running as non-root. What about using this in libotr instead
> of a custom implementation?
>
> I pushed a patch on the `secmem` branch, that you can find attached to
> this mail.

What happens if you try to compile/run this with an earlier version of
libgcrypt than 2.6.7? Should there be a compile-time/run-time check?

> + /* Initialize 32k of secure memory */
> + gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0);
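
Review bot: the return value of gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0) is discarded on the second added line, so a failed secure-memory setup would go unnoticed by the caller. Capture the returned gcry_error_t and handle a non-zero result (fail initialization or at least report it), and consider giving the literal 32768 a named constant so the pool size is defined in one place and the comment cannot drift from the value.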

I'm a little worried about that explicit number. What happens if it's
not big enough?

The general idea is of course good; I just want to make sure I
understand the implications.

Thanks,

- Ian