MCPcopy Create free account
hub / github.com/abbeycode/UnrarKit / Process

Method Process

Libraries/unrar/secpassword.cpp:102–108  ·  view source on GitHub ↗

We got a complain from user that it is possible to create WinRAR dump with "Create dump file" command in Windows Task Manager and then easily locate Unicode password string in the dump. It is unsecure if several people share the same computer and somebody left WinRAR copy with entered password. So we decided to obfuscate the password to make it more difficult to find it in dump.

Source from the content-addressed store, hash-verified

100// password. So we decided to obfuscate the password to make it more difficult
101// to find it in dump.
102void SecPassword::Process(const wchar *Src,size_t SrcSize,wchar *Dst,size_t DstSize,bool Encode)
103{
104 // Source string can be shorter than destination as in case when we process
105 // -p<pwd> parameter, so we need to take into account both sizes.
106 memcpy(Dst,Src,Min(SrcSize,DstSize)*sizeof(*Dst));
107 SecHideData(Dst,DstSize*sizeof(*Dst),Encode,CrossProcess);
108}
109
110
111void SecPassword::Get(wchar *Psw,size_t MaxSize)

Callers

nothing calls this directly

Calls 1

SecHideDataFunction · 0.85

Tested by

no test coverage detected