问题
I am writing a software that grabs a password using std::cin
However unlikely, i am trying to avoid the possibility that the password get paged to the disk from memory so I want to modify the buffer of std::cin
to overwrite the password as soon as I'm done with it.
right now i have this:
std::cin.clear();
std::stringstream ss;
ss << "0000000000000000000000000000000000000000000000";
std::cin.rdbuf(ss.rdbuf());
std::cin.clear();
but I'm pretty sure this is bad since it doesn't take into account the current size of the cin buffer. How do i properly overwrite the contents of the buffer?
thanks for any help!
回答1:
You can use gptr()
and egptr()
to get the beginning and end of the buffer.
Edit: As Charles Bailey pointed out, these are protected. My assumption is that if you want a stream buffer that you can clear its contents at a specified time, that you'd be implementing one of your own that derives from one of the standard stream buffer classes, but provides a clear()
member (or whatever name you find convenient). Changing the contents of the buffer without the buffer manager knowing about it will generally be a rather bad thing...
回答2:
Even if you scribble over the buffer immediately, it's still possible the password is written to disk. A system i/o buffer might be paged to disk, as might the working memory which std::cin is in. I used to develop forensic software which sniffed out exactly these conditions.
来源:https://stackoverflow.com/questions/1852801/how-do-i-modify-the-internal-buffer-of-stdcin