elric@imrryr.org wrote: 

> Having a quick read it looks like the call to cmd_nuke() is
> preceded by a cmd_open().  cmd_open() loads the decrypted decoded
> contents of the lock sector into memory which contain all of the
> information needed to decrypt the disk.  In cmd_nuke(), the malloc is
> followed immediately by a memset(3) which could core dump. 

You're right on both counts, I apologize for the confusion, I have
several versions of GBDE files around and just before I made that
comment about segmentation violation not being possible I took a
look at the malloc(3) line in my patched version by mistake. In
that version I replaced the malloc(3) and memset(3) calls in cmd_nuke()
with a single malloc(3) call with the M_ZERO flag set.

Using mlockall(2) to prevent paging and setrlimit(2) to prevent core
from being dumped would also be an improvement for both CGD and GBDE.

ALeine
___________________________________________________________________
WebMail FREE http://mail.austrosearch.net