Hello, I am writing software that grabs a password using std::cin.

However unlikely, I am trying to avoid the possibility that the password gets paged to the disk from memory, so I want to modify the buffer of std::cin to overwrite the password as soon as I'm done with it.

Right now I have this:

```cpp
std::cin.clear();
std::stringstream ss;
ss << "0000000000000000000000000000000000000000000000";
std::cin.rdbuf(ss.rdbuf());
std::cin.clear();
```

But I'm pretty sure this is bad, since it doesn't take into account the current size of the cin buffer. How do I properly overwrite the contents of the buffer?

Thanks for any help!

+1  A: 

You can use gptr() and egptr() to get the beginning and end of the buffer.

Edit: As Charles Bailey pointed out, these are protected. My assumption is that if you want a stream buffer that you can clear its contents at a specified time, that you'd be implementing one of your own that derives from one of the standard stream buffer classes, but provides a clear() member (or whatever name you find convenient). Changing the contents of the buffer without the buffer manager knowing about it will generally be a rather bad thing...

Jerry Coffin
`gptr()` and `egptr()` are protected so unless you're writing the streambuf class that the implementations std::cin is actually using initially this isn't going to help, unless I'm not understanding your answer?
Charles Bailey
+1  A: 

Even if you scribble over the buffer immediately, it's still possible the password is written to disk. A system i/o buffer might be paged to disk, as might the working memory which std::cin is in. I used to develop forensic software which sniffed out exactly these conditions.

wallyk
But wouldn't overwriting the buffer overwrite the same area of memory?
Jorge
Should it not be possible to tell the kernel to make a certain aligned page ineligible for disk paging?
Hassan Syed
@Jorge: the point is that even if the password is in memory for just one instruction cycle, there's a possibility it will be paged to disk. @Vainstah: that's possible with the program copy of the stream buffer, and maybe even the runtime library's copy, but what about the system's i/o buffers? There's no way to know where those are.
wallyk
forensics: 1 developer: 0 ::cheering::
Jorge
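
The two suggestions in this thread combined, as an added example that is not code from any of the posters: a stream buffer that owns its storage and exposes a wipe member (Jerry Coffin's answer), with that storage locked against paging through POSIX `mlock` (Hassan Syed's comment). `WipingFdBuf`, `secure_zero` and `demo_roundtrip` are hypothetical names, and the pipe and password are constructed sample input; as wallyk notes, copies held in system I/O buffers stay outside the program's reach.

```cpp
#include <istream>
#include <streambuf>
#include <string>
#include <sys/mman.h>  // mlock, munlock (POSIX)
#include <unistd.h>    // read, write, pipe, close

// Zero memory through a volatile pointer so the stores are not optimized away.
inline void secure_zero(void* p, std::size_t n) {
    for (volatile char* v = static_cast<volatile char*>(p); n--; ) *v++ = 0;
}

// Hypothetical input streambuf over a descriptor; it owns a lockable, wipeable buffer.
class WipingFdBuf : public std::streambuf {
    static constexpr std::size_t N = 256;
    char buf_[N];
    int fd_;
public:
    const bool locked;  // false if mlock was refused (e.g. RLIMIT_MEMLOCK)
    explicit WipingFdBuf(int fd) : buf_{}, fd_(fd), locked(mlock(buf_, N) == 0) {
        setg(buf_, buf_, buf_);  // start with an empty get area
    }
    ~WipingFdBuf() override { wipe(); if (locked) munlock(buf_, N); }
    void wipe() { secure_zero(buf_, N); setg(buf_, buf_, buf_); }
    bool all_zero() const { for (char c : buf_) if (c) return false; return true; }
protected:
    int_type underflow() override {  // refill the get area from the descriptor
        ssize_t n = ::read(fd_, buf_, N);
        if (n <= 0) return traits_type::eof();
        setg(buf_, buf_, buf_ + n);
        return traits_type::to_int_type(*gptr());
    }
};

// Constructed demo: a pipe stands in for the terminal, "hunter2" is sample input.
bool demo_roundtrip() {
    int p[2];
    if (pipe(p) != 0 || write(p[1], "hunter2\n", 8) != 8) return false;
    close(p[1]);
    WipingFdBuf sb(p[0]);
    std::istream in(&sb);
    std::string pw;
    std::getline(in, pw);
    bool read_ok = pw == "hunter2" && !sb.all_zero();
    secure_zero(&pw[0], pw.size());  // the std::string copy must be wiped too
    sb.wipe();
    close(p[0]);
    return read_ok && sb.all_zero() && pw == std::string(7, '\0');
}
int main() { return demo_roundtrip() ? 0 : 1; }
```

For real input, construct the buffer over descriptor 0 and read through a `std::istream` bound to it rather than through `std::cin`, whose own buffer is not reachable from outside.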