...
Wiki Markup |
---|
Using {{realloc()}} to resize dynamic memory may inadvertently expose sensitive information, or allow heap inspection as is described in Fortify's Taxonomy of Software Security Errors \[[vulncat|http://vulncat.fortifysoftware.com/2/HI.html]\] and NIST's Source Code Analysis Tool Functional Specification \[[SAMATE|http://samate.nist.gov/docs/SAMATE_source_code_analysis_tool_spec_09_15_06.pdf]\]. When {{realloc()}} is called it may allocate a new, larger block of memory, copy the contents, of {{secret}} to this new block, {{free()}} the original block, and assign the newly allocated block to {{secret}}. However, the contents of the original block may remain in heap memory after being marked for deallocation. |
...