Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1430)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 2738973004: Replace rtc::CryptString with std::string (Closed)

Created:
3 years, 9 months ago by nisse-chromium (ooo August 14)
Modified:
3 years, 9 months ago
Reviewers:
palmer, Sergey Ulanov
CC:
chromium-reviews
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Replace rtc::CryptString with std::string CryptString is intended for secret data, such as passwords, and the memory is cleared on deallocation. However, where it is used in libjingle_xmpp, the password is copied to other objects without any magic clearing, so the security benefit is questionable. In addition, CryptString is yet another string class, it's unused within webrtc, and essentially unmaintained. If we can replace its use in Chrome, it will be deleted. BUG=webrtc:6424 Review-Url: https://codereview.chromium.org/2738973004 Cr-Commit-Position: refs/heads/master@{#456021} Committed: https://chromium.googlesource.com/chromium/src/+/871bffc2d8203073da09b7ac16eec2e8a589725a

Patch Set 1 #

Total comments: 1
Unified diffs Side-by-side diffs Delta from patch set Stats (+27 lines, -35 lines) Patch
M jingle/notifier/base/gaia_token_pre_xmpp_auth.h View 1 chunk +1 line, -1 line 0 comments Download
M jingle/notifier/base/gaia_token_pre_xmpp_auth.cc View 1 chunk +1 line, -1 line 0 comments Download
M jingle/notifier/base/xmpp_connection_unittest.cc View 2 chunks +1 line, -2 lines 0 comments Download
M third_party/libjingle_xmpp/xmpp/plainsaslhandler.h View 2 chunks +2 lines, -3 lines 0 comments Download
M third_party/libjingle_xmpp/xmpp/prexmppauth.h View 2 chunks +1 line, -2 lines 0 comments Download
M third_party/libjingle_xmpp/xmpp/saslplainmechanism.h View 2 chunks +8 lines, -9 lines 1 comment Download
M third_party/libjingle_xmpp/xmpp/xmppclient.cc View 2 chunks +3 lines, -3 lines 0 comments Download
M third_party/libjingle_xmpp/xmpp/xmppclientsettings.h View 7 chunks +6 lines, -7 lines 0 comments Download
M third_party/libjingle_xmpp/xmpp/xmppengine_unittest.cc View 1 chunk +2 lines, -3 lines 0 comments Download
M third_party/libjingle_xmpp/xmpp/xmpplogintask_unittest.cc View 2 chunks +2 lines, -4 lines 0 comments Download

Messages

Total messages: 14 (8 generated)
nisse-chromium (ooo August 14)
PTAL. palmer@, can you review random security-related changes like this one? I'm mainly working with ...
3 years, 9 months ago (2017-03-09 13:01:57 UTC) #4
Sergey Ulanov
lgtm
3 years, 9 months ago (2017-03-09 18:25:25 UTC) #7
palmer
LGTM.
3 years, 9 months ago (2017-03-10 02:59:45 UTC) #8
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2738973004/1
3 years, 9 months ago (2017-03-10 07:58:44 UTC) #10
commit-bot: I haz the power
Committed patchset #1 (id:1) as https://chromium.googlesource.com/chromium/src/+/871bffc2d8203073da09b7ac16eec2e8a589725a
3 years, 9 months ago (2017-03-10 08:03:52 UTC) #13
RE66
3 years, 9 months ago (2017-03-10 11:17:56 UTC) #14
Message was sent while issue was closed. 
On 2017/03/10 08:03:52, commit-bot: I haz the power wrote:
> Committed patchset #1 (id:1) as
>
https://chromium.googlesource.com/chromium/src/+/871bffc2d8203073da09b7ac16ee...

Bad patch , unneeded security path
what is needed is to ask libjingle to support encrypted strings

Powered by Google App Engine
This is Rietveld 408576698