...
The added security from using mlock() is limited (see the sidebar by Nick Stoughton).
Processes with elevated privileges can disable paging by "locking" memory in place using the POSIX mlock() function [Open Group 042004]. This ensures that memory is never copied to the hard drive, where it may be retained indefinitely in nonvolatile storage.
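The locking approach described above, as an added example that is not the guideline's own code: it places a secret on whole pages, tries to pin them with mlock(), disables core dumps with setrlimit(), and wipes the pages before release. The helper names (disable_core_dumps, secret_alloc, secret_free) and the sample secret are assumptions made for illustration; mlock() can fail without sufficient privilege or RLIMIT_MEMLOCK, so the result is reported to the caller.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1 /* exposes MAP_ANONYMOUS on glibc */
#endif
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/resource.h>
#include <unistd.h>

/* Stop the kernel from writing this process's memory to a core file. */
int disable_core_dumps(void) {
    struct rlimit rl = { 0, 0 };
    return setrlimit(RLIMIT_CORE, &rl);
}

/* Map len bytes rounded up to whole pages and try to pin them in RAM.
 * *locked is 1 only if mlock() succeeded; on failure (for example
 * ENOMEM or EPERM) the caller decides whether to continue unlocked. */
void *secret_alloc(size_t len, size_t *alloc_len, int *locked) {
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0 || len == 0) return NULL;
    size_t n = (len + (size_t)page - 1) / (size_t)page * (size_t)page;
    void *p = mmap(NULL, n, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return NULL;
    *locked = (mlock(p, n) == 0);
    *alloc_len = n;
    return p;
}

/* Overwrite the secret, then unlock (if locked) and unmap the pages. */
int secret_free(void *p, size_t alloc_len, int locked) {
    volatile unsigned char *v = p;
    for (size_t i = 0; i < alloc_len; i++) v[i] = 0;
    if (locked && munlock(p, alloc_len) != 0) return -1;
    return munmap(p, alloc_len);
}

int main(void) {
    size_t n; int locked;
    if (disable_core_dumps() != 0) perror("setrlimit");
    char *key = secret_alloc(32, &n, &locked);
    if (!key) { perror("mmap"); return 1; }
    if (!locked) fprintf(stderr, "mlock: %s; pages may be swapped\n", strerror(errno));
    strcpy(key, "constructed-sample-secret"); /* constructed sample value */
    /* ... use key ... */
    return secret_free(key, n, locked) == 0 ? 0 : 1;
}
```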
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Other Languages
Related Guidelines
This rule appears in the C++ Secure Coding Standard as MEM06-CPP. Ensure that sensitive data is not written out to disk.
Bibliography
[ISO/IEC PDTR 24772] "XZX Memory Locking"
[MITRE 072007] CWE ID 591 (http://cwe.mitre.org/data/definitions/591.html), "Sensitive Data Storage in Improperly Locked Memory," and CWE ID 528 (http://cwe.mitre.org/data/definitions/528.html), "Information Leak Through Core Dump Files"
[Open Group 04204] mlock(), setrlimit()
[Wheeler 032003] Sections 7.14 and 11.4
...