[Libreoffice-commits] .: sdext/source
Libreoffice Gerrit user
logerrit at kemper.freedesktop.org
Mon Aug 27 12:29:08 PDT 2012
sdext/source/pdfimport/filterdet.cxx | 4 ----
sdext/source/pdfimport/wrapper/wrapper.cxx | 6 ------
2 files changed, 10 deletions(-)
New commits:
commit fe1e68503651382114d76759c6901bf685d8e106
Author: Arnaud Versini <arnaud.versini at gmail.com>
Date: Sat Aug 25 13:57:34 2012 +0200
Remove ineffective password erasing security in PDF Import
Change-Id: Ic49101733f034cc1165bd3c7704481a569f8a75c
Reviewed-on: https://gerrit.libreoffice.org/489
Reviewed-by: Kohei Yoshida <kohei.yoshida at gmail.com>
Reviewed-by: Caolán McNamara <caolanm at redhat.com>
Tested-by: Caolán McNamara <caolanm at redhat.com>
diff --git a/sdext/source/pdfimport/filterdet.cxx b/sdext/source/pdfimport/filterdet.cxx
index 8cbcd36..0629718 100644
--- a/sdext/source/pdfimport/filterdet.cxx
+++ b/sdext/source/pdfimport/filterdet.cxx
@@ -690,8 +690,6 @@ uno::Reference< io::XStream > getAdditionalStream( const rtl::OUString&
rtl::OString aIsoPwd = rtl::OUStringToOString( io_rPwd,
RTL_TEXTENCODING_ISO_8859_1 );
bAuthenticated = pPDFFile->setupDecryptionData( aIsoPwd.getStr() );
- // trash password string on heap
- rtl_zeroMemory( (void*)aIsoPwd.getStr(), aIsoPwd.getLength() );
}
if( ! bAuthenticated )
{
@@ -719,8 +717,6 @@ uno::Reference< io::XStream > getAdditionalStream( const rtl::OUString&
rtl::OString aIsoPwd = rtl::OUStringToOString( io_rPwd,
RTL_TEXTENCODING_ISO_8859_1 );
bAuthenticated = pPDFFile->setupDecryptionData( aIsoPwd.getStr() );
- // trash password string on heap
- rtl_zeroMemory( (void*)aIsoPwd.getStr(), aIsoPwd.getLength() );
} while( bEntered && ! bAuthenticated );
}
diff --git a/sdext/source/pdfimport/wrapper/wrapper.cxx b/sdext/source/pdfimport/wrapper/wrapper.cxx
index 772dac3..61d4b29 100644
--- a/sdext/source/pdfimport/wrapper/wrapper.cxx
+++ b/sdext/source/pdfimport/wrapper/wrapper.cxx
@@ -933,8 +933,6 @@ static bool checkEncryption( const rtl::OUString&
rtl::OString aIsoPwd = rtl::OUStringToOString( io_rPwd,
RTL_TEXTENCODING_ISO_8859_1 );
bAuthenticated = pPDFFile->setupDecryptionData( aIsoPwd.getStr() );
- // trash password string on heap
- rtl_zeroMemory( (void*)aIsoPwd.getStr(), aIsoPwd.getLength() );
}
if( bAuthenticated )
bSuccess = true;
@@ -949,16 +947,12 @@ static bool checkEncryption( const rtl::OUString&
rtl::OString aIsoPwd = rtl::OUStringToOString( io_rPwd,
RTL_TEXTENCODING_ISO_8859_1 );
bAuthenticated = pPDFFile->setupDecryptionData( aIsoPwd.getStr() );
- // trash password string on heap
- rtl_zeroMemory( (void*)aIsoPwd.getStr(), aIsoPwd.getLength() );
} while( bEntered && ! bAuthenticated );
}
OSL_TRACE( "password: %s", bAuthenticated ? "matches" : "does not match" );
bSuccess = bAuthenticated;
}
- // trash password string on heap
- rtl_zeroMemory( (void*)io_rPwd.getStr(), io_rPwd.getLength()*sizeof(sal_Unicode) );
if( bAuthenticated )
{
rtl::OUStringBuffer aBuf( 128 );
More information about the Libreoffice-commits
mailing list