sdext/source/pdfimport/filterdet.cxx | 4 ----
sdext/source/pdfimport/wrapper/wrapper.cxx | 6 ------
2 files changed, 10 deletions(-)
New commits:
commit fe1e68503651382114d76759c6901bf685d8e106
Author: Arnaud Versini <arnaud.vers...@gmail.com>
Date: Sat Aug 25 13:57:34 2012 +0200
Remove ineffective password erasing security in PDF Import
Change-Id: Ic49101733f034cc1165bd3c7704481a569f8a75c
Reviewed-on: https://gerrit.libreoffice.org/489
Reviewed-by: Kohei Yoshida <kohei.yosh...@gmail.com>
Reviewed-by: Caolán McNamara <caol...@redhat.com>
Tested-by: Caolán McNamara <caol...@redhat.com>
diff --git a/sdext/source/pdfimport/filterdet.cxx
b/sdext/source/pdfimport/filterdet.cxx
index 8cbcd36..0629718 100644
--- a/sdext/source/pdfimport/filterdet.cxx
+++ b/sdext/source/pdfimport/filterdet.cxx
@@ -690,8 +690,6 @@ uno::Reference< io::XStream > getAdditionalStream( const
rtl::OUString&
rtl::OString aIsoPwd =
rtl::OUStringToOString( io_rPwd,
RTL_TEXTENCODING_ISO_8859_1 );
bAuthenticated =
pPDFFile->setupDecryptionData( aIsoPwd.getStr() );
- // trash password string on heap
- rtl_zeroMemory( (void*)aIsoPwd.getStr(),
aIsoPwd.getLength() );
}
if( ! bAuthenticated )
{
@@ -719,8 +717,6 @@ uno::Reference< io::XStream > getAdditionalStream( const
rtl::OUString&
rtl::OString aIsoPwd =
rtl::OUStringToOString( io_rPwd,
RTL_TEXTENCODING_ISO_8859_1 );
bAuthenticated =
pPDFFile->setupDecryptionData( aIsoPwd.getStr() );
- // trash password string on heap
- rtl_zeroMemory(
(void*)aIsoPwd.getStr(), aIsoPwd.getLength() );
} while( bEntered && ! bAuthenticated );
}
diff --git a/sdext/source/pdfimport/wrapper/wrapper.cxx
b/sdext/source/pdfimport/wrapper/wrapper.cxx
index 772dac3..61d4b29 100644
--- a/sdext/source/pdfimport/wrapper/wrapper.cxx
+++ b/sdext/source/pdfimport/wrapper/wrapper.cxx
@@ -933,8 +933,6 @@ static bool checkEncryption( const rtl::OUString&
rtl::OString aIsoPwd = rtl::OUStringToOString( io_rPwd,
RTL_TEXTENCODING_ISO_8859_1 );
bAuthenticated = pPDFFile->setupDecryptionData(
aIsoPwd.getStr() );
- // trash password string on heap
- rtl_zeroMemory( (void*)aIsoPwd.getStr(),
aIsoPwd.getLength() );
}
if( bAuthenticated )
bSuccess = true;
@@ -949,16 +947,12 @@ static bool checkEncryption( const rtl::OUString&
rtl::OString aIsoPwd = rtl::OUStringToOString(
io_rPwd,
RTL_TEXTENCODING_ISO_8859_1 );
bAuthenticated = pPDFFile->setupDecryptionData(
aIsoPwd.getStr() );
- // trash password string on heap
- rtl_zeroMemory( (void*)aIsoPwd.getStr(),
aIsoPwd.getLength() );
} while( bEntered && ! bAuthenticated );
}
OSL_TRACE( "password: %s", bAuthenticated ? "matches" :
"does not match" );
bSuccess = bAuthenticated;
}
- // trash password string on heap
- rtl_zeroMemory( (void*)io_rPwd.getStr(),
io_rPwd.getLength()*sizeof(sal_Unicode) );
if( bAuthenticated )
{
rtl::OUStringBuffer aBuf( 128 );
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
