
sikuli-driver team mailing list archive

[Bug 1101171] [NEW] Use of ZeroMemory in Java_org_sikuli_script_Win32Util_openApp leads to intermittent problems

 

Public bug reported:

In function Java_org_sikuli_script_Win32Util_openApp in file
sikuli-script\src\main\native\Win32Util.cc, the usage of ZeroMemory in
conjunction with compiler optimization can lead to unwanted effects.

For example, I experienced that the function intermittently opened an
app in a minimized state. This started to happen on Windows 8, but not
on other platforms.

Now, the reason for that can be that the struct STARTUPINFO is actually
not all zeros. Please see the article at:
https://www.securecoding.cert.org/confluence/display/cplusplus/MSC06-CPP.+Be+aware+of+compiler+optimization+when+dealing+with+sensitive+data

Instead of using ZeroMemory, SecureZeroMemory should be used.

** Affects: sikuli
     Importance: Undecided
         Status: New


** Tags: openapp

** Patch added: "Patch to fix the problem.  From branch origin/develop, last commit c050fb757de6dd3b2a61ba305ba6ca9c78474385"
   https://bugs.launchpad.net/bugs/1101171/+attachment/3487332/+files/zeromemory.patch

-- 
You received this bug notification because you are a member of Sikuli
Drivers, which is subscribed to Sikuli.
https://bugs.launchpad.net/bugs/1101171
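
Added example, not part of the original bug report or of Sikuli's code: a portable C version of zeroing through volatile stores, the mechanism that keeps a wipe from being removed as a dead store (the optimization the linked CERT rule describes), followed by a byte-level check that includes padding. The struct `startup_info`, its fields and the helper names are assumptions for illustration and do not reproduce the real STARTUPINFO layout.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for a Win32 startup structure (assumed layout,
   not the real STARTUPINFO). */
struct startup_info {
    unsigned int   cb;            /* structure size, set by the caller */
    unsigned int   flags;         /* which optional fields are valid */
    unsigned short show_window;   /* requested window state */
    void          *std_handles[3];
};

/* Zero through a volatile pointer: every store is an observable side
   effect, so the optimizer may not drop the loop as a dead store. */
static void *secure_zero(void *ptr, size_t len)
{
    volatile unsigned char *p = (volatile unsigned char *)ptr;
    while (len--)
        *p++ = 0;
    return ptr;
}

/* Count non-zero bytes, padding between fields included. */
static size_t nonzero_bytes(const void *ptr, size_t len)
{
    const unsigned char *p = (const unsigned char *)ptr;
    size_t n = 0;
    while (len--)
        n += (*p++ != 0);
    return n;
}

/* Start from constructed stale contents, wipe, then set the size field.
   Returns how many bytes were still non-zero right after the wipe. */
static size_t init_startup_info(struct startup_info *si)
{
    memset(si, 0xA5, sizeof *si);   /* constructed leftover stack data */
    secure_zero(si, sizeof *si);
    size_t dirty = nonzero_bytes(si, sizeof *si);
    si->cb = (unsigned int)sizeof *si;
    return dirty;
}

int main(void)
{
    struct startup_info si;
    return init_startup_info(&si) == 0 ? 0 : 1;
}
```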
