From 8356fa37adbe1662141f93cc749e4c2d05af9f7b Mon Sep 17 00:00:00 2001
From: Richard van der Hoff <richard@matrix.org>
Date: Thu, 15 Dec 2016 13:37:34 +0000
Subject: zero out plaintext buffers

Avoid leaving copies of the plaintext sitting around in the emscripten heap.
---
 javascript/olm_outbound_group_session.js | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'javascript/olm_outbound_group_session.js')

diff --git a/javascript/olm_outbound_group_session.js b/javascript/olm_outbound_group_session.js
index 01fee0b..0402c3c 100644
--- a/javascript/olm_outbound_group_session.js
+++ b/javascript/olm_outbound_group_session.js
@@ -64,9 +64,9 @@ OutboundGroupSession.prototype['create'] = restore_stack(function() {
 });
 
 OutboundGroupSession.prototype['encrypt'] = function(plaintext) {
-    var plaintext_buffer, message_buffer;
+    var plaintext_buffer, message_buffer, plaintext_length;
     try {
-        var plaintext_length = Module['lengthBytesUTF8'](plaintext);
+        plaintext_length = Module['lengthBytesUTF8'](plaintext);
 
         var message_length = outbound_group_session_method(
             Module['_olm_group_encrypt_message_length']
@@ -86,6 +86,8 @@ OutboundGroupSession.prototype['encrypt'] = function(plaintext) {
         return Module['UTF8ToString'](message_buffer);
     } finally {
         if (plaintext_buffer !== undefined) {
+            // don't leave a copy of the plaintext in the heap.
+            bzero(plaintext_buffer, plaintext_length + 1);
             free(plaintext_buffer);
         }
         if (message_buffer !== undefined) {
-- 
cgit v1.2.3