From d5a0e7ac0a8169220b32cd8525b6cc5a6e563af3 Mon Sep 17 00:00:00 2001 From: Bo Xu Date: Thu, 10 Jul 2014 11:49:52 -0700 Subject: Zero out temporary arrays before use in PDF encryption. BUG=387834 R=palmer@chromium.org Review URL: https://codereview.chromium.org/386663003 --- core/src/fpdfapi/fpdf_parser/fpdf_parser_encrypt.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/core/src/fpdfapi/fpdf_parser/fpdf_parser_encrypt.cpp b/core/src/fpdfapi/fpdf_parser/fpdf_parser_encrypt.cpp index e09bbbbb2e..417801b9c5 100644 --- a/core/src/fpdfapi/fpdf_parser/fpdf_parser_encrypt.cpp +++ b/core/src/fpdfapi/fpdf_parser/fpdf_parser_encrypt.cpp @@ -406,6 +406,7 @@ FX_BOOL CPDF_StandardSecurityHandler::CheckUserPassword(FX_LPCBYTE password, FX_ copy_len = ukey.GetLength(); } FXSYS_memset32(test, 0, sizeof(test)); + FXSYS_memset32(tmpkey, 0, sizeof(tmpkey)); FXSYS_memcpy32(test, (FX_LPCSTR)ukey, copy_len); for (int i = 19; i >= 0; i --) { for (int j = 0; j < key_len; j ++) { @@ -466,6 +467,7 @@ CFX_ByteString CPDF_StandardSecurityHandler::GetUserPassword(FX_LPCBYTE owner_pa } else { for (int i = 19; i >= 0; i --) { FX_BYTE tempkey[32]; + FXSYS_memset32(tempkey, 0, sizeof(tempkey)); for (int j = 0; j < m_KeyLen; j ++) { tempkey[j] = enckey[j] ^ i; } -- cgit v1.2.3