zero out plaintext buffers

Avoid leaving copies of the plaintext sitting around in the emscripten heap.
2016-12-15 13:37:34 +00:00 · 2016-12-15 13:37:34 +00:00 · 8356fa37ad
commit 8356fa37ad
parent 76610c0a3a
3 changed files with 23 additions and 8 deletions
--- a/javascript/olm_inbound_group_session.js
+++ b/javascript/olm_inbound_group_session.js
@ -64,7 +64,7 @@ InboundGroupSession.prototype['create'] = restore_stack(function(session_key) {
 InboundGroupSession.prototype['decrypt'] = restore_stack(function(
    message
 ) {
-    var message_buffer, plaintext_buffer;
+    var message_buffer, plaintext_buffer, plaintext_length;

    try {
        message_buffer = malloc(message.length);
@ -80,7 +80,7 @@ InboundGroupSession.prototype['decrypt'] = restore_stack(function(
        plaintext_buffer = malloc(max_plaintext_length + NULL_BYTE_PADDING_LENGTH);
        var message_index = stack(4);

-        var plaintext_length = inbound_group_session_method(
+        plaintext_length = inbound_group_session_method(
            Module["_olm_group_decrypt"]
        )(
            this.ptr,
@ -105,6 +105,8 @@ InboundGroupSession.prototype['decrypt'] = restore_stack(function(
            free(message_buffer);
        }
        if (plaintext_buffer !== undefined) {
+            // don't leave a copy of the plaintext in the heap.
+            bzero(plaintext_buffer, plaintext_length + NULL_BYTE_PADDING_LENGTH);
            free(plaintext_buffer);
        }
    }
--- a/javascript/olm_outbound_group_session.js
+++ b/javascript/olm_outbound_group_session.js
@ -64,9 +64,9 @@ OutboundGroupSession.prototype['create'] = restore_stack(function() {
 });

 OutboundGroupSession.prototype['encrypt'] = function(plaintext) {
-    var plaintext_buffer, message_buffer;
+    var plaintext_buffer, message_buffer, plaintext_length;
    try {
-        var plaintext_length = Module['lengthBytesUTF8'](plaintext);
+        plaintext_length = Module['lengthBytesUTF8'](plaintext);

        var message_length = outbound_group_session_method(
            Module['_olm_group_encrypt_message_length']
@ -86,6 +86,8 @@ OutboundGroupSession.prototype['encrypt'] = function(plaintext) {
        return Module['UTF8ToString'](message_buffer);
    } finally {
        if (plaintext_buffer !== undefined) {
+            // don't leave a copy of the plaintext in the heap.
+            bzero(plaintext_buffer, plaintext_length + 1);
            free(plaintext_buffer);
        }
        if (message_buffer !== undefined) {
--- a/javascript/olm_post.js
+++ b/javascript/olm_post.js
@ -42,6 +42,13 @@ function restore_stack(wrapped) {
    }
 }

+/* set a memory area to zero */
+function bzero(ptr, n) {
+    while(n-- > 0) {
+        Module['HEAP8'][ptr++] = 0;
+    }
+}
+
 function Account() {
    var size = Module['_olm_account_size']();
    this.buf = malloc(size);
@ -299,7 +306,7 @@ Session.prototype['matches_inbound_from'] = restore_stack(function(
 Session.prototype['encrypt'] = restore_stack(function(
    plaintext
 ) {
-    var plaintext_buffer, message_buffer;
+    var plaintext_buffer, message_buffer, plaintext_length;
    try {
        var random_length = session_method(
            Module['_olm_encrypt_random_length']
@ -308,7 +315,7 @@ Session.prototype['encrypt'] = restore_stack(function(
            Module['_olm_encrypt_message_type']
        )(this.ptr);

-        var plaintext_length = Module['lengthBytesUTF8'](plaintext);
+        plaintext_length = Module['lengthBytesUTF8'](plaintext);
        var message_length = session_method(
            Module['_olm_encrypt_message_length']
        )(this.ptr, plaintext_length);
@ -334,6 +341,8 @@ Session.prototype['encrypt'] = restore_stack(function(
        };
    } finally {
        if (plaintext_buffer !== undefined) {
+            // don't leave a copy of the plaintext in the heap.
+            bzero(plaintext_buffer, plaintext_length + 1);
            free(plaintext_buffer);
        }
        if (message_buffer !== undefined) {
@ -345,13 +354,13 @@ Session.prototype['encrypt'] = restore_stack(function(
 Session.prototype['decrypt'] = restore_stack(function(
    message_type, message
 ) {
-    var message_buffer, plaintext_buffer;
+    var message_buffer, plaintext_buffer, max_pliantext_length;

    try {
        message_buffer = malloc(message.length);
        Module['writeAsciiToMemory'](message, message_buffer, true);

-        var max_plaintext_length = session_method(
+        max_plaintext_length = session_method(
            Module['_olm_decrypt_max_plaintext_length']
        )(this.ptr, message_type, message_buffer, message.length);

@ -379,6 +388,8 @@ Session.prototype['decrypt'] = restore_stack(function(
            free(message_buffer);
        }
        if (plaintext_buffer !== undefined) {
+            // don't leave a copy of the plaintext in the heap.
+            bzero(plaintext_buffer, max_plaintext_length + NULL_BYTE_PADDING_LENGTH);
            free(plaintext_buffer);
        }
    }