commit 4c6a30c1bf745d474b34e403232e13a3a764f33e
author Joachim Bauch <jbauch@webrtc.org> Thu Mar 08 00:55:33 2018 +0100
committer Commit Bot <commit-bot@chromium.org> Fri Mar 09 10:50:34 2018 +0000
tree 7df47c335f66b1074f2c177a9b7bafd57b16caf2
parent 89d88c0b9d61975bc63623ab8028377d8f9733dc

Add templated version of ByteBufferWriter.

This CL switches to a Buffer for storing the data and allows using
a different class, e.g. "ZeroOnFreeBuffer" for sensitive data.

Bug: webrtc:8905
Change-Id: Ic56f3f51cc6d640135c4ee0e1ad0fd48d27bbbdf
Reviewed-on: https://webrtc-review.googlesource.com/60660
Reviewed-by: Karl Wiberg <kwiberg@webrtc.org>
Commit-Queue: Joachim Bauch <jbauch@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#22354}

rtc_base/socketadapters.cc

diff --git a/rtc_base/socketadapters.cc b/rtc_base/socketadapters.cc
index 5b95cac..a300495 100644
--- a/rtc_base/socketadapters.cc
+++ b/rtc_base/socketadapters.cc
@@ -665,7 +665,7 @@
 }
 
 void AsyncSocksProxySocket::SendAuth() {
-  ByteBufferWriter request;
+  ByteBufferWriterT<ZeroOnFreeBuffer<char>> request;
   request.WriteUInt8(1);           // Negotiation Version
   request.WriteUInt8(static_cast<uint8_t>(user_.size()));
   request.WriteString(user_);      // Username
@@ -673,14 +673,10 @@
   size_t len = pass_.GetLength() + 1;
   char * sensitive = new char[len];
   pass_.CopyTo(sensitive, true);
-  // Don't write anything to |request| afterwards to avoid potential
-  // reallocations where the old memory (containing the password) will not
-  // be cleared securely.
   request.WriteBytes(sensitive, pass_.GetLength());  // Password
   ExplicitZeroMemory(sensitive, len);
   delete [] sensitive;
   DirectSend(request.Data(), request.Length());
-  ExplicitZeroMemory(request.MutableData(), request.Length());
   state_ = SS_AUTH;
 }