Hello all,
Awhile back I wrote a program that mounts an encrypted partition/file. I use
Fl_Secret_Input (1.1.x-r6059) to retrieve the passphrase from the user.
At the time, I used gdb (through kdevelop) to look at how the underlying
Fl_Input_ stores the passphrase. What I saw was that there are two buffers:
value_ and buffer.
My current attempt to clear the passphrase from memory was to set the
value() of the Fl_Secret_Input twice. This seems to clear both of the
buffers:
txtPasswd->value("XXXXXXXXXXXXXXXXXXXXXXXX");
txtPasswd->value(NULL);
By looking at the addresses of the value_ and buffer members, this seems to
do the trick.
Now that I'm looking at the code again, is this actually correct? Or is
there another procedure I should be using instead like storing the the
value() as a non-const and manipulating it's contents. Something like:
char *buf = (char*)txtPasswd->value();
int sz = txtPasswd->size();
for(int i = 0; i < sz; i++)
buf[i] |= 0xDEADBEEF;
Where "buf[i] |= 0xDEADBEEF" is some kind of character voodoo :)
--
Alvin
_______________________________________________
fltk mailing list
[email protected]
http://lists.easysw.com/mailman/listinfo/fltk
