[PATCH] Wipe potentially sensitive stack memory.
Werner Koch
wk at gnupg.org
Fri Jun 11 07:56:57 CEST 2021
Hi Ben,
On Tue, 8 Jun 2021 20:51, Ben Kibbey said:
> * src/data.c (_gpgme_data_inbound_handler): Wipe buffer before return.
Is that intended for passphrase callbacks or secret key export? Would a
flag flagging such a data object holding sensitive data not be better?
BTW, I plan to allow for lager buffers in this function to reduce the
overhead for certain callers which don't work well with small data
blocks. Thus a new data object flag will anyway be added.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20210611/2b209231/attachment.sig>
More information about the Gnupg-devel
mailing list