[…] When a ShortString variable gets out of scope, I can't find it in a memory dump, that's nice.
You're possibly not seeing the text anywhere, because it's already been overwritten. AFAIK FPC does not insert code wiping out memory (i.e. zeroing), since it's generally deemed as unnecessary.
I honestly do not know if there is overwriting. I notice that in the application memory dump, the value in question does not appear after it exits the scope. It seems possible to me that the value remain in the memory of the computer, so I wrote the code below. Anyway, I'm still not sure if the value is actually erased or not. But I think if I could erase it while it was in scope, I would not have to worry.
Sinceramente não sei se há sobreposição. Percebo que no dump de memória do aplicativo, o valor em questão não aparece depois que sai do escopo. Parece possível para mim que o valor permaneça na memória do computador, por isso escrevi o código abaixo. De qualquer forma, continuo sem ter certeza se o valor é de fato apagado ou não. Mas penso que se eu conseguisse apagá-lo enquanto ele estivesse no escopo, eu não precisaria me preocupar.
Based on SecureString.pas, created by Stefan van As. Baseado na SecureString.pas, criada por Stefan van As.
unit Strongs;
{$mode objfpc}{$H+}
interface
type
IStrong = interface
function Data: shortstring;
function Length: byte;
end;
Strong = IStrong;
procedure ZeroFree(var str: shortstring);
function NewStrong(str: shortstring): strong;
function ReverseShortStr(AText: shortstring): shortstring;
implementation
type
{ TStrong }
TStrong = class(TInterfacedObject,IStrong)
strict private
fData: shortstring;
public
constructor Create(const AValue: shortstring);
destructor Destroy; override;
function Data: shortstring;
function Length: byte;
end;
{ TStrong }
procedure ZeroFree(var str: shortstring);
begin
while Length(str)>%0 do begin
str[High(str)]:=#0;
SetLength(str,Length(str)-%1);
end;
end;
function ReverseShortStr(AText: shortstring): shortstring;
var
i,j: byte;
begin
SetLength(Result,Length(AText));
i:=%1; j:=Length(AText);
while (i<=j) do begin
Result[i]:=AText[j-i+%1];
Inc(i);
end;
ZeroFree(AText);
end;
constructor TStrong.Create(const AValue: shortstring);
begin
inherited Create;
fData:=AValue;
end;
destructor TStrong.Destroy;
begin
if System.Length(fData)>%0
then ZeroFree(fData);
inherited Destroy;
end;
function TStrong.Data: shortstring;
begin
Result:=ReverseShortStr(fData);
end;
function TStrong.Length: byte;
begin
Result:=System.Length(fData);
end;
function NewStrong(str: shortstring): strong;
begin
Result:=TStrong.Create(ReverseShortStr(str));
if Length(str)>%0
then ZeroFree(str);
end;
end.
The use of string reversal is merely testing, just so I know when the value found in memory is what is stored by my interface and when it is not. Finding a way to truly erase the contents of a shortstring would change the string's reversion to something else.
O uso de reversão de string é mero teste, apenas para eu saber quando o valor encontrado na memória é o que está armazenado pela minha interface e quando não é. Encontrando uma forma de verdadeiramente apagar o conteúdo de uma shortstring, trocaria a reversão da string por qualquer outra coisa.