...
...
char *new_secret;
size_t size = strlen(secret);
if (size == SIZE_MAX) {
/* Handle Error */
}
new_secret = malloc(size+1);
if (!new_secret) {
/* Handle Error */
}
strcpy(new_secret, secret);
/* Process new_secret... */
free(new_secret);
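Review bot: `free(new_secret);` returns the block to the allocator with the copied secret still in it, so a later allocation that reuses the chunk can read those bytes. Clear the whole allocation before releasing it and drop the pointer afterwards, e.g. `memset_s(new_secret, size + 1, 0, size + 1);` (C11 Annex K, or `explicit_bzero` where that is what the platform offers) followed by `free(new_secret);` and `new_secret = NULL;`. If this listing is meant as the non-compliant example, a short comment on the `free` line saying so would prevent it from being copied as-is; the surrounding text and the rest of the function are elided here.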
...
...
... temp_buff = calloc(new_size,sizeof(char)); /* use calloc() to zero-out allocated space */ if (temp_buff == NULL) { /* Handle Error */ } memcpy(temp_buff, secret buffer, buffersecret_size); memset(buffer,'\0',buffersecret_size); /* sanitize the buffer */ free(buffersecret); buffer secret = temp_buff; /* install the resized buffer */ temp_buff = 0NULL; ... |
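Review bot: The `memset` that sanitizes the old allocation is immediately followed by `free`, so an optimizing compiler may treat it as a dead store and remove it. A clearing call the compiler has to keep is the safer form here, such as `memset_s(secret, secret_size, 0, secret_size);` (C11 Annex K) or `explicit_bzero` where available. As rendered, the `memset` target still reads `buffer` while the `free` and the reassignment use `secret`, which looks like a missed rename, so confirm that the block being cleared is the one being freed. The copy length is `secret_size` into an allocation of `new_size`; a check that `new_size` is at least `secret_size` is not visible in this excerpt and belongs before the `memcpy`.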
Risk Assessment
Failure to clear dynamic memory can result in leaked information.
...