  1. Qt
  2. QTBUG-75011

QSslKey (and related classes) use unsecured memory buffers

    • Suggestion
    • Resolution: Unresolved
    • P4: Low
    • None
    • 5.13.0 Beta 1
    • Network: SSL
    • None
    • All

      There are quite a few places in the SSL code (especially relevant in QSslKey) where sensitive data is passed around or manipulated in QByteArray. The memory is freed as usual by the implicit sharing mechanism through the heap manager. However, this means sensitive data can (and probably does) linger in the inactive parts of the memory for an unknown amount of time. The buffers should zero-out/randomize the block before freeing it to prevent Heartbleed-type vulnerabilities.

      Suggestion:
      Write and expose a public class for a buffer (byte array) that is suitable for holding sensitive data. As the QSsl* API allows for passing the key (and/or certificates) directly from the user code as a byte array, it is reasonable to expect that the user needs to have such a container available as well. 

      Related (palliative) Gerrit change here:
      https://codereview.qt-project.org/#/c/257992

            cnn Qt Core & Network
            kshegunov Konstantin Shegunov
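
The kind of container the suggestion describes, as an added example: this is not code from the report, from Qt, or from the linked Gerrit change. `SensitiveBuffer` and `secureWipe` are hypothetical names, and the sketch uses only standard C++ so it runs without Qt.

```cpp
#include <cstddef>
#include <cstring>
#include <utility>

// Zero a block through a volatile pointer so the stores are not optimized
// away as dead writes just before the memory is released.
inline void secureWipe(void *p, std::size_t n) noexcept {
    volatile unsigned char *v = static_cast<volatile unsigned char *>(p);
    while (n--) *v++ = 0;
}

// Hypothetical container (not a Qt class): owns exactly one heap copy of the
// secret and wipes it before handing the block back to the heap manager.
class SensitiveBuffer {
public:
    SensitiveBuffer(const void *src, std::size_t n)
        : data_(n ? new unsigned char[n] : nullptr), size_(n) {
        if (n) std::memcpy(data_, src, n);
    }
    ~SensitiveBuffer() { release(); }

    // No copies: a shared or duplicated block could outlive the wipe.
    SensitiveBuffer(const SensitiveBuffer &) = delete;
    SensitiveBuffer &operator=(const SensitiveBuffer &) = delete;

    // Moving transfers the single block; the source ends up empty.
    SensitiveBuffer(SensitiveBuffer &&o) noexcept
        : data_(std::exchange(o.data_, nullptr)), size_(std::exchange(o.size_, 0)) {}
    SensitiveBuffer &operator=(SensitiveBuffer &&o) noexcept {
        if (this != &o) {
            release();
            data_ = std::exchange(o.data_, nullptr);
            size_ = std::exchange(o.size_, 0);
        }
        return *this;
    }

    // Overwrite the contents in place while keeping the allocation.
    void wipe() noexcept { if (data_) secureWipe(data_, size_); }
    const unsigned char *data() const noexcept { return data_; }
    std::size_t size() const noexcept { return size_; }

private:
    void release() noexcept {
        wipe();          // zero first ...
        delete[] data_;  // ... then free
        data_ = nullptr;
        size_ = 0;
    }
    unsigned char *data_;
    std::size_t size_;
};
```

The caller's own source array is a second copy of the secret and needs the same `secureWipe` once it has been handed over.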