question

0 Votes
XiangPing-6973 asked RLWA32-6355 commented

How does DPAPI handle memory of the output buffer from CryptProtectData/CryptUnprotectData APIs?

Hi, I'm using the CryptProtectData() and CryptUnprotectData() APIs for data encryption and decryption in our app. Reading the API documentation here: https://docs.microsoft.com/en-us/windows/win32/api/dpapi/nf-dpapi-cryptprotectdata, it's not clear why LocalFree() needs to be called on the output buffer after use; the example code on that page does not invoke LocalFree().
What's also missing from the documentation (the main reason for this question) is how DATA_BLOB::pbData for the output is managed by DPAPI. Can I provide my own memory? If I can, how do I know the output buffer size of the encrypted data?

windows-api
· 4

It's unfortunate that sometimes the sample code contains errors. Call LocalFree on the pointer to the memory allocated for the encrypted data encapsulated by the DATA_BLOB struct. If that's not correct, more likely than not you would see a heap corruption error result.

The sample code in nf-dpapi-cryptunprotectdata also fails to call LocalFree. Additionally, the call to printf for the description string is also incorrect, since the format specifier for a Unicode string should be %ls.


1 Vote 1 ·

I noticed that the APIs you are using are win32 APIs. Are you developing a UWP app or a win32 app?

0 Votes 0 ·

Hi Roy, it's actually a win32 console app I'm using for SDK development and testing (we are developing an SDK for other developers within the org to use).

0 Votes 0 ·

@XiangPing-6973 OK, I'll change your tag to win-api-general so that other engineers could check that.

1 Vote 1 ·

1 Answer

0 Votes
XiaopoYang-MSFT answered RLWA32-6355 commented

The complete "Example C Program: Using CryptProtectData" does LocalFree pDataOut.pbData.
No, you cannot provide your own memory.

· 2

Thanks for confirming. I'll apply LocalFree() to reclaim the resource from the output buffer.
I was hoping the memory leak could be captured using the technique described here https://docs.microsoft.com/en-us/visualstudio/debugger/finding-memory-leaks-using-the-crt-library?view=vs-2019, but it does not show up in the leak report, although I can capture leaks of memory allocated using malloc().
This is probably another topic; if you can point me in the right direction on how the memory leak left by DPAPI can be detected, that'll be great. If not, that's fine.

0 Votes 0 ·

The CRT library only detects and reports memory leaks for allocations made by library functions (e.g., malloc, new, etc). It does not track other allocators available in the Windows API such as HeapAlloc, GlobalAlloc, LocalAlloc, or CoTaskMemAlloc. Both GlobalAlloc and LocalAlloc are wrappers around HeapAlloc. Refer to example-10---detecting-a-heap-memory-leak-in-a-process for an example of a tool to detect memory leaks in the process heap. CoTaskMemAlloc is the COM Task Allocator and related memory leaks can be identified by the use of the IMallocSpy interface.


0 Votes 0 ·
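
The ownership rule from the answer and comments above, as an added example (not code from this thread or from Microsoft's documentation): DPAPI allocates the output blob, its size is only known from cbData after the call, and the caller copies it out and releases it with LocalFree. `protect_into` is a hypothetical helper, and the non-Windows branch is a constructed stand-in that does no encryption; it exists only so the buffer handling can be built and exercised off Windows.

```c
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#include <dpapi.h>                       /* link with Crypt32.lib */
#else
/* Constructed stand-ins so the buffer handling below builds off Windows.
   They mimic the allocation contract only and do NOT encrypt anything. */
#include <stdlib.h>
typedef unsigned char BYTE; typedef unsigned long DWORD; typedef int BOOL;
typedef struct { DWORD cbData; BYTE *pbData; } DATA_BLOB;
#define LocalFree(p) free(p)
static BOOL CryptProtectData(DATA_BLOB *in, const void *descr, DATA_BLOB *ent,
                             void *rsvd, void *prompt, DWORD flags,
                             DATA_BLOB *out) {
    (void)descr; (void)ent; (void)rsvd; (void)prompt; (void)flags;
    out->cbData = in->cbData + 16;       /* fake overhead, not DPAPI's real size */
    out->pbData = calloc(out->cbData, 1);
    if (!out->pbData) return 0;
    memcpy(out->pbData + 16, in->pbData, in->cbData);
    return 1;
}
#endif

/* Hypothetical helper (not a Windows API): protects `in` and copies the result
   into the caller's buffer. *out_len is the capacity on entry and the required
   size on return. Returns 1 on success, 0 if DPAPI failed, -1 if `out` is
   missing or too small (call again with *out_len bytes). */
int protect_into(const BYTE *in, DWORD in_len, BYTE *out, DWORD *out_len) {
    DATA_BLOB src, enc = { 0, NULL };
    int rc = 1;
    src.pbData = (BYTE *)in;
    src.cbData = in_len;
    if (!CryptProtectData(&src, NULL, NULL, NULL, NULL, 0, &enc))
        return 0;                        /* on Windows, see GetLastError() */
    if (out == NULL || *out_len < enc.cbData)
        rc = -1;                         /* size is only known after the call */
    else
        memcpy(out, enc.pbData, enc.cbData);
    *out_len = enc.cbData;
    /* DPAPI owns the allocation, so it is always released with LocalFree.
       For CryptUnprotectData the blob holds plaintext: SecureZeroMemory it
       before LocalFree. */
    LocalFree(enc.pbData);
    return rc;
}
```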