RFR: 8282038: CipherSpi.bufferCrypt leaves plaintext copy on the heap

Valerie Peng valeriep at openjdk.java.net
Wed Jun 15 22:30:55 UTC 2022


On Wed, 15 Jun 2022 19:58:41 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> src/java.base/share/classes/com/sun/crypto/provider/GCTR.java line 242:
>> 
>>> 240:             dst.put(in, 0, processed);
>>> 241:         } finally {
>>> 242:             Arrays.fill(in, (byte)0);
>> 
>> The same handling should be applied to the 'out' buffer allocated on line 177, assuming the idea is to not leave copies of user data lying around on the heap. Recovered text may contain the same bytes as plain text, so arguably the same handling should be applied to both input/output?
>
> Seems so. BTW, I was using a test-driven programming model and have not observed a leak here. I'll see if I can trigger one.

Sounds good. Rest of changes look fine.

-------------

PR: https://git.openjdk.org/jdk/pull/9158
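
The point raised in the review, as an added example that is not code from the JDK or from this PR: a cipher update that stages data from direct buffers in temporary heap arrays and clears both the input and the output array in `finally`. The class name, the helper `updateViaHeapCopies`, and the key, IV and message are constructed for illustration.

```java
import java.nio.ByteBuffer;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class WipeTempBuffers {
    // Hypothetical helper (not JDK code): runs cipher.update() on direct
    // buffers through temporary heap arrays, then wipes both arrays.
    static int updateViaHeapCopies(Cipher cipher, ByteBuffer src, ByteBuffer dst)
            throws Exception {
        byte[] in = new byte[src.remaining()];
        byte[] out = new byte[cipher.getOutputSize(in.length)];
        try {
            src.get(in);                       // heap copy of the caller's input
            int n = cipher.update(in, 0, in.length, out, 0);
            dst.put(out, 0, n);                // heap copy of the result
            return n;
        } finally {
            // When decrypting, 'out' holds recovered plaintext, so it is
            // cleared the same way as 'in', also on the exception path.
            Arrays.fill(in, (byte) 0);
            Arrays.fill(out, (byte) 0);
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample key, IV and message (all-zero key: demo only).
        SecretKeySpec key = new SecretKeySpec(new byte[16], "AES");
        IvParameterSpec iv = new IvParameterSpec(new byte[16]);
        byte[] msg = "constructed sample plaintext".getBytes("UTF-8");

        Cipher enc = Cipher.getInstance("AES/CTR/NoPadding");
        enc.init(Cipher.ENCRYPT_MODE, key, iv);
        ByteBuffer pt = ByteBuffer.allocateDirect(msg.length).put(msg);
        pt.flip();
        ByteBuffer ct = ByteBuffer.allocateDirect(msg.length);
        updateViaHeapCopies(enc, pt, ct);
        ct.flip();

        Cipher dec = Cipher.getInstance("AES/CTR/NoPadding");
        dec.init(Cipher.DECRYPT_MODE, key, iv);
        ByteBuffer rt = ByteBuffer.allocateDirect(msg.length);
        int n = updateViaHeapCopies(dec, ct, rt);
        rt.flip();
        byte[] back = new byte[n];
        rt.get(back);
        System.out.println(Arrays.equals(back, msg)); // round-trip check
    }
}
```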


