From 8356fa37adbe1662141f93cc749e4c2d05af9f7b Mon Sep 17 00:00:00 2001
From: Richard van der Hoff <richard@matrix.org>
Date: Thu, 15 Dec 2016 13:37:34 +0000
Subject: zero out plaintext buffers

Avoid leaving copies of the plaintext sitting around in the emscripten heap.
---
 javascript/olm_inbound_group_session.js  |  6 ++++--
 javascript/olm_outbound_group_session.js |  6 ++++--
 javascript/olm_post.js                   | 19 +++++++++++++++----
 3 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/javascript/olm_inbound_group_session.js b/javascript/olm_inbound_group_session.js
index 5815320..2e4727f 100644
--- a/javascript/olm_inbound_group_session.js
+++ b/javascript/olm_inbound_group_session.js
@@ -64,7 +64,7 @@ InboundGroupSession.prototype['create'] = restore_stack(function(session_key) {
 InboundGroupSession.prototype['decrypt'] = restore_stack(function(
     message
 ) {
-    var message_buffer, plaintext_buffer;
+    var message_buffer, plaintext_buffer, plaintext_length;
 
     try {
         message_buffer = malloc(message.length);
@@ -80,7 +80,7 @@ InboundGroupSession.prototype['decrypt'] = restore_stack(function(
         plaintext_buffer = malloc(max_plaintext_length + NULL_BYTE_PADDING_LENGTH);
         var message_index = stack(4);
 
-        var plaintext_length = inbound_group_session_method(
+        plaintext_length = inbound_group_session_method(
             Module["_olm_group_decrypt"]
         )(
             this.ptr,
@@ -105,6 +105,8 @@ InboundGroupSession.prototype['decrypt'] = restore_stack(function(
             free(message_buffer);
         }
         if (plaintext_buffer !== undefined) {
+            // don't leave a copy of the plaintext in the heap.
+            bzero(plaintext_buffer, plaintext_length + NULL_BYTE_PADDING_LENGTH);
             free(plaintext_buffer);
         }
     }
diff --git a/javascript/olm_outbound_group_session.js b/javascript/olm_outbound_group_session.js
index 01fee0b..0402c3c 100644
--- a/javascript/olm_outbound_group_session.js
+++ b/javascript/olm_outbound_group_session.js
@@ -64,9 +64,9 @@ OutboundGroupSession.prototype['create'] = restore_stack(function() {
 });
 
 OutboundGroupSession.prototype['encrypt'] = function(plaintext) {
-    var plaintext_buffer, message_buffer;
+    var plaintext_buffer, message_buffer, plaintext_length;
     try {
-        var plaintext_length = Module['lengthBytesUTF8'](plaintext);
+        plaintext_length = Module['lengthBytesUTF8'](plaintext);
 
         var message_length = outbound_group_session_method(
             Module['_olm_group_encrypt_message_length']
@@ -86,6 +86,8 @@ OutboundGroupSession.prototype['encrypt'] = function(plaintext) {
         return Module['UTF8ToString'](message_buffer);
     } finally {
         if (plaintext_buffer !== undefined) {
+            // don't leave a copy of the plaintext in the heap.
+            bzero(plaintext_buffer, plaintext_length + 1);
             free(plaintext_buffer);
         }
         if (message_buffer !== undefined) {
diff --git a/javascript/olm_post.js b/javascript/olm_post.js
index 9820354..752279a 100644
--- a/javascript/olm_post.js
+++ b/javascript/olm_post.js
@@ -42,6 +42,13 @@ function restore_stack(wrapped) {
     }
 }
 
+/* set a memory area to zero */
+function bzero(ptr, n) {
+    while(n-- > 0) {
+        Module['HEAP8'][ptr++] = 0;
+    }
+}
+
 function Account() {
     var size = Module['_olm_account_size']();
     this.buf = malloc(size);
@@ -299,7 +306,7 @@ Session.prototype['matches_inbound_from'] = restore_stack(function(
 Session.prototype['encrypt'] = restore_stack(function(
     plaintext
 ) {
-    var plaintext_buffer, message_buffer;
+    var plaintext_buffer, message_buffer, plaintext_length;
     try {
         var random_length = session_method(
             Module['_olm_encrypt_random_length']
@@ -308,7 +315,7 @@ Session.prototype['encrypt'] = restore_stack(function(
             Module['_olm_encrypt_message_type']
         )(this.ptr);
 
-        var plaintext_length = Module['lengthBytesUTF8'](plaintext);
+        plaintext_length = Module['lengthBytesUTF8'](plaintext);
         var message_length = session_method(
             Module['_olm_encrypt_message_length']
         )(this.ptr, plaintext_length);
@@ -334,6 +341,8 @@ Session.prototype['encrypt'] = restore_stack(function(
         };
     } finally {
         if (plaintext_buffer !== undefined) {
+            // don't leave a copy of the plaintext in the heap.
+            bzero(plaintext_buffer, plaintext_length + 1);
             free(plaintext_buffer);
         }
         if (message_buffer !== undefined) {
@@ -345,13 +354,13 @@ Session.prototype['encrypt'] = restore_stack(function(
 Session.prototype['decrypt'] = restore_stack(function(
     message_type, message
 ) {
-    var message_buffer, plaintext_buffer;
+    var message_buffer, plaintext_buffer, max_pliantext_length;
 
     try {
         message_buffer = malloc(message.length);
         Module['writeAsciiToMemory'](message, message_buffer, true);
 
-        var max_plaintext_length = session_method(
+        max_plaintext_length = session_method(
             Module['_olm_decrypt_max_plaintext_length']
         )(this.ptr, message_type, message_buffer, message.length);
 
@@ -379,6 +388,8 @@ Session.prototype['decrypt'] = restore_stack(function(
             free(message_buffer);
         }
         if (plaintext_buffer !== undefined) {
+            // don't leave a copy of the plaintext in the heap.
+            bzero(plaintext_buffer, max_plaintext_length + NULL_BYTE_PADDING_LENGTH);
             free(plaintext_buffer);
         }
     }
-- 
cgit v1.2.3