我需要手动清零 PCREDENTIAL.CredentialBlob 吗？

Question

我正在使用 Windows credentials store 这样的：

PCREDENTIAL cred = nullptr;
if (CredRead(entryName, 1, 0, &cred) != TRUE || !cred)
    return -1;

// ... code which handles cred.UserName and cred.CredentialBlob

CredFree(cred);

如您所见，我将缓冲区释放为 required。但是，我看到 LPBYTE 指针 CredentialBlob 仍然有效并且仍然包含内存中的密码。我是否必须手动 SecureZeroMemory 它以及谁拥有缓冲区？我没有找到其他源代码可以做到这一点...

我还没有找到任何东西，https://msdn.microsoft.com/library/aa919793.aspx 只包含以下通用语句：

Clear credential data from memory after use

Do not leave credentials in memory after use. Clear all credential data from temporary storage after use by calling SecureZeroMemory.

Answer 1

However, I see that the LPBYTE pointer CredentialBlob is still valid

你是怎么判断的？您很可能是通过阅读死内存来提交 UB。

an still contains the password in memory

这更令人担忧，但你引用的文字告诉你该怎么做。

Answer 2

您拥有缓冲区。 documentation 状态：

Any pointers contained within the buffer are pointers to locations within this single allocated block.

在理想情况下，CredFree 会在释放之前将整个块清零，可能值得就此向 Microsoft 提交建议，但就目前情况而言，最好的选择可能是调用 CredFree 之前的以下内容：

SecureZeroMemory (cred->CredentialBlob, cred->CredentialBlobSize);