Wiki Markup free()}} on a block of dynamic memory marks that memory for deallocation. Once deallocated, the block of memory is made available for future allocation. However, the data stored in the block of memory to be recycled may be preserved. If this memory block contains sensitive information, that information may be unintentionally exposed.
| Wiki Markup |
|---|
his type of defect can lead to information leakage as is stated in Rule: [MEM33-C. Do not assume memory allocation routines initialize memory]. Other attacks, such that information may be unintentionally exposed. This phenomenon is referred to as _heap inspection_ \[[vulncat|http://vulncat.fortifysoftware.com/2/HI.html] and [samate|http://samate.nist.gov/docs/SAMATE_source_code_analysis_tool_spec_09_15_06.pdf]\] can also occur. To prevent other heapinformation inspectionleakage and other information leakage,heap inspection it is necessary to clear sensitive information from dynamically allocated buffers before they are freed. |
. |
Non-Compliant Code Example 1
...
Using realloc() to resize dynamic memory may inadvertently expose sensitive datainformation. realloc() may allocate a new, larger block of memory, copy the contents, of buffer to this new block, free() the original block, and assign the newly allocated block to buffer. However, the contents of the original block may remain in heap memory after being marked for deallocation.
...