...
Using realloc() to resize dynamic memory may inadvertently expose sensitive information as is described in vulncat. realloc() may allocate a new, larger block of memory, copy the contents of buffer to this new block, free() the original block, and assign the newly allocated block to buffer. However, the contents of the original block may remain in heap memory after being marked for deallocation.
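One way to avoid the stale copy, shown as an added example that is not code from the original page: allocate the new block explicitly, copy the data, and zero the old block before calling free(). The names secure_wipe and secure_realloc are hypothetical, and the caller is assumed to track the old block's size, since standard C cannot query it.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Zero a buffer through a volatile pointer so the compiler cannot
 * discard the stores as dead writes just before free(). */
static void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *vp = p;
    while (n--)
        *vp++ = 0;
}

/* Hypothetical replacement for realloc() on sensitive buffers.
 * Returns the new block, or NULL on allocation failure (old block is then
 * left untouched) or when new_size is 0 (old block is wiped and freed). */
static void *secure_realloc(void *old, size_t old_size, size_t new_size)
{
    size_t keep = old_size < new_size ? old_size : new_size;
    void *fresh = new_size ? malloc(new_size) : NULL;

    if (new_size != 0 && fresh == NULL)
        return NULL;                      /* caller still owns old */
    if (old != NULL) {
        if (fresh != NULL)
            memcpy(fresh, old, keep);     /* copy what fits */
        secure_wipe(old, old_size);       /* clear before deallocation */
        free(old);
    }
    return fresh;
}

int main(void)
{
    char *key = malloc(16);
    if (key == NULL) return 1;
    memcpy(key, "constructed-key", 16);   /* constructed sample: 15 chars + NUL */
    char *bigger = secure_realloc(key, 16, 64);
    if (bigger == NULL) { secure_wipe(key, 16); free(key); return 1; }
    printf("resized copy holds: %s\n", bigger);
    secure_wipe(bigger, 64);              /* wipe the final copy as well */
    free(bigger);
    return 0;
}
```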
...