...

Using {{realloc()}} to resize dynamic memory may inadvertently expose sensitive information or allow heap inspection, as described in Fortify's Taxonomy of Software Security Errors \[[vulncat|http://vulncat.fortifysoftware.com/2/HI.html]\] and NIST's Source Code Analysis Tool Functional Specification \[[SAMATE]\]. When {{realloc()}} is called, it may allocate a new, larger block of memory, copy the contents of {{buffer}} to this new block, {{free()}} the original block, and assign the newly allocated block to {{buffer}}. However, the contents of the original block may remain in heap memory after being marked for deallocation.
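One way to resize a buffer holding sensitive data without leaving a stale copy behind, shown as an added example that is not part of the original page: allocate the new block explicitly, copy, clear the original, then free it. The names {{resize_sensitive()}} and {{secure_wipe()}} and the sample key are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: zero n bytes through a volatile pointer so the
   stores are not optimized away as dead writes just before free(). */
static void secure_wipe(void *p, size_t n) {
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--) *vp++ = 0;
}

/* Hypothetical helper: resize *buf from old_size to new_size bytes
   without calling realloc(), so the original block is never released
   with its contents intact.
   Returns 0 on success; on failure returns -1 and leaves *buf untouched. */
int resize_sensitive(unsigned char **buf, size_t old_size, size_t new_size) {
    if (buf == NULL || new_size == 0)
        return -1;
    unsigned char *fresh = calloc(1, new_size);   /* new block starts zeroed */
    if (fresh == NULL)
        return -1;
    if (*buf != NULL) {
        size_t keep = old_size < new_size ? old_size : new_size;
        memcpy(fresh, *buf, keep);
        secure_wipe(*buf, old_size);  /* clear the original before release */
        free(*buf);
    }
    *buf = fresh;
    return 0;
}

int main(void) {
    /* Constructed sample secret, for illustration only. */
    unsigned char *key = malloc(16);
    if (key == NULL) return 1;
    memcpy(key, "constructed-key", 16);
    if (resize_sensitive(&key, 16, 64) != 0) { free(key); return 1; }
    printf("resized, first bytes kept: %.15s\n", (char *)key);
    secure_wipe(key, 64);             /* clear the final copy as well */
    free(key);
    return 0;
}
```

The caller must track the current size, since the wipe covers exactly {{old_size}} bytes of the original block.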

...