KPasswordDialog / KPasswordEdit
André Wöbbeking
Woebbeking at onlinehome.de
Sun Jan 15 09:02:08 GMT 2006
On Sunday 15 January 2006 08:11, Michael Pyne wrote:
> On Saturday 14 January 2006 10:47, Daniel Molkentin wrote:
> > The
> > silver bullet would be to check what it takes to make QSharedData
> > and thus QString to use non-swapable memory, so we could just use
> > QString or a derived class to handle passwords and other sensitive
> > data in the future.
>
> How about the placement new operator? It constructs an object in
> pre-allocated memory instead of allocating new memory. So we could
> allocate protected memory for any object we want, and then construct
> that object in the unshared memory and basically avoid the problem
> altogether.
>
> Sample:
>
> #include <QtCore/QString>
> #include <iostream>
> #include <cstdlib>
>
> using std::cout;
> using std::endl;
> using std::malloc;
> using std::free;
>
> int main()
> {
> // Allocate space for object. Use secure_malloc() or something
> here. void *buffer = malloc(1024);
>
> // Note the "placement new" syntax.
> QString *str = new (buffer) QString("StringString");
You know that QString as many other Q-classes uses a d-pointer and
allocs extra space for the data? So your code must be in QString.
> // It should actually work. ;)
> cout << str->toUtf8().data() << endl;
This creates a new QByteArray which is also not in your allocated
buffer.
More information about the kde-core-devel
mailing list