From 9ec44a2b06799709fcba197372f596f85f74feb8 Mon Sep 17 00:00:00 2001 From: moneromooo-monero Date: Tue, 19 Dec 2017 11:55:45 +0000 Subject: [PATCH 1/3] wipeable_string: fix clear and push_back --- contrib/epee/src/wipeable_string.cpp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/contrib/epee/src/wipeable_string.cpp b/contrib/epee/src/wipeable_string.cpp index 75191df71..c8fed7bb3 100644 --- a/contrib/epee/src/wipeable_string.cpp +++ b/contrib/epee/src/wipeable_string.cpp @@ -89,7 +89,10 @@ void wipeable_string::grow(size_t sz, size_t reserved) reserved = sz; CHECK_AND_ASSERT_THROW_MES(reserved >= sz, "reserved < sz"); if (reserved <= buffer.capacity()) + { + buffer.resize(sz); return; + } size_t old_sz = buffer.size(); std::unique_ptr tmp{new char[old_sz]}; memcpy(tmp.get(), buffer.data(), old_sz * sizeof(char)); @@ -103,7 +106,7 @@ void wipeable_string::grow(size_t sz, size_t reserved) void wipeable_string::push_back(char c) { grow(size() + 1); - buffer.push_back(c); + buffer.back() = c; } void wipeable_string::pop_back() From 5f801b6adfeb8d0fa8afc1183ff3ff5318624221 Mon Sep 17 00:00:00 2001 From: moneromooo-monero Date: Tue, 19 Dec 2017 14:00:41 +0000 Subject: [PATCH 2/3] wipeable_string: ignore reserve size less than actual size This was asserting, but stoffu pointed out the std::string standard considers this ok and ignorable --- contrib/epee/src/wipeable_string.cpp | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/contrib/epee/src/wipeable_string.cpp b/contrib/epee/src/wipeable_string.cpp index c8fed7bb3..2ec1e5469 100644 --- a/contrib/epee/src/wipeable_string.cpp +++ b/contrib/epee/src/wipeable_string.cpp @@ -85,9 +85,8 @@ void wipeable_string::wipe() void wipeable_string::grow(size_t sz, size_t reserved) { CHECK_AND_ASSERT_THROW_MES(wipefunc, "wipefunc is not set"); - if (reserved == 0) + if (reserved < sz) reserved = sz; - CHECK_AND_ASSERT_THROW_MES(reserved >= sz, "reserved < sz"); if (reserved <= buffer.capacity()) { buffer.resize(sz); From 6c94516fb49f450f291c2092b829f3094215cf04 Mon Sep 17 00:00:00 2001 From: moneromooo-monero Date: Tue, 19 Dec 2017 14:03:35 +0000 Subject: [PATCH 3/3] wipeable_string: move a wipe from reserve to grow That way, all implicit wipes ends up in grow, which is more robust --- contrib/epee/src/wipeable_string.cpp | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/contrib/epee/src/wipeable_string.cpp b/contrib/epee/src/wipeable_string.cpp index 2ec1e5469..894c47bbd 100644 --- a/contrib/epee/src/wipeable_string.cpp +++ b/contrib/epee/src/wipeable_string.cpp @@ -89,6 +89,8 @@ void wipeable_string::grow(size_t sz, size_t reserved) reserved = sz; if (reserved <= buffer.capacity()) { + if (sz < buffer.size()) + wipefunc(buffer.data() + sz, buffer.size() - sz); buffer.resize(sz); return; } @@ -115,9 +117,6 @@ void wipeable_string::pop_back() void wipeable_string::resize(size_t sz) { - CHECK_AND_ASSERT_THROW_MES(wipefunc, "wipefunc is not set"); - if (sz < buffer.size()) - wipefunc(buffer.data() + sz, buffer.size() - sz); grow(sz); }