...
To prevent information leakage, sensitive information must be cleared from dynamically allocated buffers before they are freed. Calling free() on a block of dynamic memory causes the space to be deallocated; that is, the memory block is made available for future allocation. However, the data stored in the block of memory to be recycled may be preserved. If this memory block contains sensitive information, that information may be unintentionally exposed.
In this noncompliant example, sensitive information stored in the dynamically allocated memory referenced by secret is copied to the dynamically allocated buffer, new_secret, which is processed and eventually deallocated by a call to free(). Because the memory is not cleared, it may be reallocated to another section of the program where the information stored in new_secret may be unintentionally leaked.
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
...
| ISO/IEC TR 24772:2013 | Sensitive Information Uncleared Before Use [XZK] |
| MITRE CWE | CWE-226, Sensitive information uncleared before release CWE-244, Failure to clear heap memory before release ("heap inspection") |
...