Versions Compared

Comment: Null out after free

...

In this example, sensitive information generated by create_secret() is stored in the dynamically allocated buffer, secret, which is processed and eventually deallocated by a call to free(). The memory page containing secret could be swapped out to disk. If the program crashes before the call to free(), the information stored in secret may be stored in the core dump.

Code Block
bgColor#FFcccc
/* ... */
char *secret;

secret = (char *)malloc(size+1);
if (!secret) {
  /* Handle Error */
}
secret = create_secret();

/* Perform operations using secret... */

free(secret);
/* ... */secret = NULL;

Compliant Solution

To prevent the information being written to a core dump, the size of core dumps that the program will generate should be set to 0. This can accomplished by using setrlimit().
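Review bot: On the last line of the code block, the added `secret = NULL;` sits after the trailing `/* ... */` elision comment on the same line, so it reads as part of the elided code rather than as the step that follows `free(secret);`. Put it on its own line directly after `free(secret);` and keep `/* ... */` as the final line. Assigning NULL only clears the pointer and leaves the bytes of the freed buffer in place, which suits the noncompliant example, but the paragraph above the code should say so, so that readers do not take the assignment as scrubbing the secret. In the unchanged context, `secret = create_secret();` overwrites the pointer returned by `malloc(size+1)`, so that allocation is leaked and `free(secret)` releases whatever `create_secret()` returned; either drop the `malloc` or have `create_secret()` fill the existing buffer.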

...