...
| Code Block | ||
|---|---|---|
| ||
char *secret;
secret = (char *)malloc(size+1);
if (!secret) {
/* Handle Error */
}
secret = create_secret();
/* Perform operations using secret... */
free(secret);
secret = NULL;
|
Compliant Solution (UNIX)
To prevent the information being written to a core dump, the size of core dumps that the program will generate should be set to 0. This can accomplished by using setrlimit().
...
| Code Block | ||
|---|---|---|
| ||
if (VirtualLock(secret, sizeof(secret)) != 0) {
/* Handle error */
}
/* Create or otherwise obtain some sensitive data */
fgets(secret, sizeof(secret), stdin);
|
...
Risk Assessment
Writing sensitive data to disk preserves it for future retrieval by an attacker, who may even be able to bypass the access restrictions of the operating system by using a disk maintenance program.
...