On Sat, 12 Apr 2014, Sven Barth wrote:
Am 11.04.2014 20:50 schrieb "waldo kitty" <wkitt...@windstream.net>:
>
> On 4/11/2014 5:03 AM, Michael Van Canneyt wrote:
>>
>> The main point is that in FPC you can install a memory manager that wipes out
>> any memory when getting or releasing it, if you want to make your software
more
>> secure that way.
>
[snip]
>
> i don't know how one would go about cleaning released memory as someone else
asked about (eg: extending an array or string
or etc)... once the memory is released, it is no longer accessible, right?
That's where the heap manager comes in. In FPC every allocation that is not
done manually through OS functions (namely
string/array allocation, class allocation, getmem() and new()) go through the
heap manager of which you can register a
custom one. This heap manager hooks the allocation and deallocation calls and
thus you could provide a manager that clears
deallocated memory (or fills with random data) before it's passed on to the
default heap manager.
Attached is an implementation that allows you to specify:
What to do when allocating memory (zero out, randomize, nothing)
What to do when freeing memory (zero out, randomize, nothing).
Careful, it does not play well with the heaptrc unit.
If there is an interest in such thing, we can add it to the RTL.
Michael.
{
This file is part of the Free Pascal run time library.
Copyright (c) 1999-2000 by the Free Pascal development team
"Safe" Heap manager interface section
See the file COPYING.FPC, included in this distribution,
for details about the copyright.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
**********************************************************************}
unit safemmgr;
interface
Type
TMemAction = (
maZero, // Zero out the memory
maRandom, // Fill with Random data
maNone // Do nothing
);
Var
// Can be set at any time.
GetAction : TMemAction = maZero;
FreeAction : TMemAction = maZero;
// You can set/unset the memory manager at any time, but it is set during
intialization.
Procedure InitSafeMemManager;
Procedure DoneSafeMemManager;
Implementation
Var
M : TMemoryManager;
Procedure ZeroMem(Mem : PByte; ASize : ptruint);
begin
if (Asize=0) then exit;
FillWord(Mem^,ASize div 2,0);
if (ASize mod 2)=1 then
Mem[ASize-1]:=0;
end;
Procedure RandomMem(Mem : PByte; ASize : ptruint);
Var
I : ptruint;
PW : PWord;
begin
if (Asize=0) then exit;
PW:=PWord(Mem);
For I:=0 to (ASize div 2) do
PW[I]:=Random($FFFF);
if (ASize mod 2)=1 then
Mem[ASize-1]:=Random($FF);
end;
Function SafeGetmem (Size:ptruint):Pointer;
begin
Result:=M.Getmem(Size);
Case GetAction of
maZero : ZeroMem(Result,Size);
maRandom : RandomMem(Result,Size);
end;
end;
Function SafeFreeMemSize(p:pointer;Size:ptruint):ptruint;
begin
Case FreeAction of
maZero : ZeroMem(P,Size);
maRandom : RandomMem(P,Size);
end;
Result:=M.FreeMemSize(P,Size);
end;
Function SafeFreeMem (p:pointer):ptruint;
begin
Result:=SafeFreeMemSize(P,M.MemSize(P));
end;
Function SafeAllocMem (Size:ptruint):Pointer;
begin
Result:=M.AllocMem(Size);
Case GetAction of
maZero : ZeroMem(Result,Size);
maRandom : RandomMem(Result,Size);
end;
end;
Function SafeReAllocMem(var p:pointer;Size:ptruint):Pointer;
Var
OP : PByte;
GOS,FOS : ptruint;
begin
OP:=P;
FOS:=M.MemSize(P);
GOS:=FOS;
Result:=M.ReAllocMem(P,Size);
If (P<>OP) then
P:=OP
else
if (FOS>Size) then
begin
Inc(OP,FOS);
Dec(FOS,Size);
end;
if (OP<>Nil) and (FOS>0) then
Case FreeAction of
maZero : ZeroMem(OP,FOS);
maRandom : RandomMem(OP,FOS);
end;
if (GOS<Size) then
begin
OP:=Result;
Inc(OP,GOS);
Dec(GOS,Size);
Case GetAction of
maZero : ZeroMem(OP,GOS);
maRandom : RandomMem(OP,GOS);
end;
end;
end;
Function SafeMMinstalled : Boolean;
Var
CM : TMemoryManager;
begin
FillChar(CM,SizeOf(TMemoryManager),#0);
GetMemoryManager(CM);
Result:=Pointer(CM.AllocMem)=Pointer(@SafeAllocMem);
end;
Procedure InitSafeMemManager;
Var
NM : TMemoryManager;
begin
If SafeMMInstalled then
exit;
GetMemoryManager(M);
NM:=M;
NM.FreeMem:=@SafeFreeMem;
NM.FreeMemSize:=@SafeFreeMemSize;
NM.GetMem:=@SafeGetMem;
NM.AllocMem:=@SafeAllocMem;
NM.ReAllocMem:=@SafeReAllocMem;
SetMemoryManager(NM);
end;
Procedure DoneSafeMemManager;
begin
If Not SafeMMInstalled then
exit;
SetMemoryManager(M);
end;
initialization
InitSafeMemManager;
finalization
DoneSafeMemManager;
end.
_______________________________________________
fpc-pascal maillist - fpc-pascal@lists.freepascal.org
http://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-pascal
