Windows: correctly wipe password in UI input field in case of direct creation of Hidden volume or resuming non-system in-place encryption

This commit is contained in:
Mounir IDRASSI 2020-07-06 18:03:57 +02:00
parent ff391d9a6a
commit 3daaae0d48
No known key found for this signature in database
GPG Key ID: 02C30AE90FAE4A6F

View File

@ -420,7 +420,9 @@ static void WipePasswordsAndKeyfiles (bool bFull)
// Attempt to wipe passwords stored in the input field buffers // Attempt to wipe passwords stored in the input field buffers
wmemset (tmp, L'X', MAX_PASSWORD); wmemset (tmp, L'X', MAX_PASSWORD);
tmp [MAX_PASSWORD] = 0; tmp [MAX_PASSWORD] = 0;
if (hPasswordInputField)
SetWindowText (hPasswordInputField, tmp); SetWindowText (hPasswordInputField, tmp);
if (hVerifyPasswordInputField)
SetWindowText (hVerifyPasswordInputField, tmp); SetWindowText (hVerifyPasswordInputField, tmp);
burn (&szVerify[0], sizeof (szVerify)); burn (&szVerify[0], sizeof (szVerify));
@ -436,8 +438,10 @@ static void WipePasswordsAndKeyfiles (bool bFull)
burn (&outerVolumePim, sizeof (outerVolumePim)); burn (&outerVolumePim, sizeof (outerVolumePim));
} }
SetWindowText (hPasswordInputField, L""); if (hPasswordInputField)
SetWindowText (hVerifyPasswordInputField, L""); SetWindowText (hPasswordInputField, L"");
if (hVerifyPasswordInputField)
SetWindowText (hVerifyPasswordInputField, L"");
KeyFileRemoveAll (&FirstKeyFile); KeyFileRemoveAll (&FirstKeyFile);
KeyFileRemoveAll (&defaultKeyFilesParam.FirstKeyFile); KeyFileRemoveAll (&defaultKeyFilesParam.FirstKeyFile);
@ -4327,6 +4331,8 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
/* make autodetection the default */ /* make autodetection the default */
SendMessage (hComboBox, CB_SETCURSEL, 0, 0); SendMessage (hComboBox, CB_SETCURSEL, 0, 0);
hPasswordInputField = GetDlgItem (hwndDlg, IDC_PASSWORD_DIRECT);
hVerifyPasswordInputField = NULL;
ToNormalPwdField (hwndDlg, IDC_PASSWORD_DIRECT); ToNormalPwdField (hwndDlg, IDC_PASSWORD_DIRECT);
SetPassword (hwndDlg, IDC_PASSWORD_DIRECT, szRawPassword); SetPassword (hwndDlg, IDC_PASSWORD_DIRECT, szRawPassword);