Posted to tcl by sebres at Wed Dec 05 13:15:03 GMT 2018

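proc _hash_pwd {} {
  ## Generate a password, derive its hash (or ciphertext) and return that,
  ## making a best-effort attempt to overwrite the plaintext before leaving.
  ##
  ## Returns: the value produced by hash_or_encrypt_it.
  ## Errors:  anything raised by the generate/hash step propagates; the
  ##          overwrite and the page unlock still run in that case.
  ##
  ## Caveat: the overwrite is a heuristic, not a guarantee. It can only work
  ## if $pwd holds the last reference to the value and the allocator hands
  ## the just-released block to the next allocation of the same size. Copies
  ## made elsewhere (by the hashing command, a log line, an error trace)
  ## are not touched.

  ## lock all pages if available (MCL_CURRENT/MCL_FUTURE).
  ## NOTE(review): presumably ::mlockall wraps mlockall(2) and keeps the
  ## plaintext out of swap - confirm against the extension providing it.
  set locked 0
  if {[info command ::mlockall] ne ""} {
    ::mlockall -1
    set locked 1
  }

  try {

    ## first time password is here:
    set pwd [..generate_pwd..]

    ## -----------
    ## do something with pwd, e.g. create a hash or save to db...
    ## but note you shouldn't reference it inside (refcount can be
    ## verified with [::tcl::unsupported::representation $pwd]).

    set hash [hash_or_encrypt_it .. $pwd ..]

    ## -----------

  } finally {
    ## The overwrite lives in the finally clause so that an error raised
    ## while hashing does not leave the plaintext behind untouched.
    try {
      ## pwd is unset when the generate step itself failed:
      if {[info exists pwd]} {
        ## save the length and overwrite password var (the last reference).
        ## NOTE(review): string bytelength is deprecated and may be missing
        ## in newer Tcl releases - confirm for the target version.
        set l [string bytelength $pwd]
        ## allocate new object with the same length (as string and
        ## bytearray); each reset releases the previous value first:
        set pwd {}
        set pwd [binary format a$l ""]
        set pwd {}
        set pwd [string repeat " " $l]
      }
    } finally {
      ## unlock all pages, only if this call locked them.
      ## NOTE(review): if ::munlockall wraps munlockall(2) it drops every
      ## page lock in the process, including ones taken by other code -
      ## confirm that is acceptable here.
      if {$locked} { ::munlockall }
    }
  }
  return $hash
}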
  
## PoC:
  
proc _clear_pwd_mem_poc {} {
    ## Runs the same overwrite sequence as _hash_pwd on a throwaway value
    ## and prints the value's representation after each step.
    ## Takes no arguments; the three report lines are written with puts.
    ## NOTE(review): presumably the reader is meant to compare the pointers
    ## reported at each step to see whether the released memory was reused;
    ## ::tcl::unsupported::representation is a debugging aid, so its output
    ## format should not be relied on - confirm.

    ## stand-in secret: the three bytes 0x61 0x62 0x63
    set pwd [binary decode hex 616263]
    puts "step 1) [::tcl::unsupported::representation $pwd]"
    
    ## remember the length, then drop the only reference to the secret:
    set l [string bytelength $pwd]
    set pwd {}
    ## same-length byte array; format a pads the empty input with zero bytes:
    set pwd [binary format a$l ""]
    puts "step 2) [::tcl::unsupported::representation $pwd]"
    ## release again and allocate a same-length string of spaces:
    set pwd {}
    set pwd [string repeat " " $l]
    puts "step 3) [::tcl::unsupported::representation $pwd]"
}
## run the demonstration once when the script is sourced:
_clear_pwd_mem_poc