im kinda confused with the code, i was curious to see if the return type byte[] is pinned or not
why? because im auditing my code and i want to know if the garbage collector would relocate it even if i manually pin this byte[] variable after it returns.
but why? because im storing fucking passwords and i need to retrieve them, and i dont want this fucking thing laying around in-memory even after i use it
so, the main question, would this code be safe? (by which i mean, could the garbage collector relocate the bytes and fucking screw me over by leaving a copy of the data in-memory? btw yes im aware SecureString is deprecated. No, i cannot ignore it, they are forcing me to use it):
private SecureString SecureStringFromArray(byte[] secretBytes)
{
var secureString = new SecureString();
char[] secretChars = new char[Encoding.UTF8.GetCharCount(secretBytes)];
GCHandle tempHandle = GCHandle.Alloc(secretChars, GCHandleType.Pinned);
// see https://referencesource.microsoft.com/#mscorlib/system/text/encoding.cs,1234
Encoding.UTF8.GetChars(secretBytes, 0, secretBytes.Length, secretChars, 0);
foreach (var singleCharacter in secretChars)
{
secureString.AppendChar(singleCharacter);
}
// free the temporary array
Array.Clear(secretChars, 0, secretChars.Length);
tempHandle.Free();
return secureString;
}
why not clear secretBytes too before returning?
you probably didnt see that Array.Clear being called
Обсуждают сегодня