...
A compliant program cannot rely on realloc() to resize a buffer that holds sensitive information, because there is no point at which the caller can clear the original block: before the call its contents are still needed (realloc() copies them into the new block), and after the call the original block has already been freed and is no longer accessible, so any copy of the data that realloc() left behind remains in the heap for later reuse.
Instead, a custom function must be used that operates similarly to realloc() but sanitizes sensitive information as heap-based buffers are resized: it allocates the new block, copies the data, overwrites the original block, and only then frees it. Again, the space to be deallocated is overwritten with '\0'
characters before it is released.
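The following is an added example of such a realloc() substitute; it is not code from the original text. Because the standard library offers no portable way to learn the size of a malloc()'d block, the caller must pass the old size (the parameter name `old_size` and the function names `secure_zero` and `secure_realloc` are this example's own). The zeroing is done through a `volatile` pointer so that the compiler cannot drop the stores as dead writes to memory that is about to be freed; memset_s() from C11 Annex K would serve the same purpose where it is available.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Overwrite n bytes at p with '\0' through a volatile pointer so that the
 * compiler is not permitted to optimize the stores away, even though the
 * buffer is freed immediately afterwards. (Example helper, not from the page.) */
static void secure_zero(void *p, size_t n)
{
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--) {
        *vp++ = '\0';
    }
}

/* realloc() substitute that sanitizes the old block before releasing it.
 * old_size is the size of the block 'old' currently points to; the caller
 * must track it because malloc() provides no portable way to query it.
 * Like realloc(), a failed allocation leaves the old block untouched and
 * returns NULL, and new_size == 0 releases the old block and returns NULL. */
void *secure_realloc(void *old, size_t old_size, size_t new_size)
{
    if (new_size == 0) {
        if (old != NULL) {
            secure_zero(old, old_size);
            free(old);
        }
        return NULL;
    }

    void *fresh = malloc(new_size);
    if (fresh == NULL) {
        return NULL;            /* old block still valid, still owned by caller */
    }

    if (old != NULL) {
        size_t to_copy = old_size < new_size ? old_size : new_size;
        memcpy(fresh, old, to_copy);
        secure_zero(old, old_size);   /* clear every byte, including any tail
                                         dropped when shrinking */
        free(old);
    }
    return fresh;
}

/* Returns 1 if every byte in the range is '\0'. (Example helper.) */
int all_zero(const unsigned char *p, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (p[i] != 0) return 0;
    }
    return 1;
}

/* Walks a buffer holding a constructed "secret" through a grow and a shrink
 * and returns 1 if the data survived both resizes intact. */
int demo_resize(void)
{
    static const char secret[] = "hunter2-session-key";  /* constructed sample */
    size_t len = sizeof secret;

    char *buf = secure_realloc(NULL, 0, len);          /* behaves like malloc() */
    if (buf == NULL) return 0;
    memcpy(buf, secret, len);

    buf = secure_realloc(buf, len, 4 * len);           /* grow: old block wiped */
    if (buf == NULL || memcmp(buf, secret, len) != 0) return 0;

    buf = secure_realloc(buf, 4 * len, 8);             /* shrink: tail wiped too */
    if (buf == NULL || memcmp(buf, secret, 8) != 0) return 0;

    secure_realloc(buf, 8, 0);                         /* wipe and release */
    return 1;
}
```

The sanitizing pass runs on the block that is about to be freed, never on the new block, so the new block holds exactly one live copy of the data; when the caller is finished with it, the same `secure_realloc(buf, size, 0)` call (or `secure_zero` followed by free()) disposes of that copy as well.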
...