...
| Wiki Markup |
|---|
See [MEM06-C. Ensure that sensitive data is not written out to disk]. While using a password, consider storing its hash instead of plaintext. Use the hash for comparisons and other purposes. The following code \[[#1Viega 01|AA. C References#Viega 01]\] illustrates this: |
| Code Block | ||
|---|---|---|
| ||
int validate(char *username) {
char *password;
char *checksum;
password = read_password();
checksum = compute_checksum(password);
erase(password); /* securely erase password */
return !strcmp(checksum, get_stored_checksum(username));
}
|
...
- Be aware of compiler optimization when erasing memory (see MSC06-C. Be aware of compiler optimization when dealing with sensitive data).
Wiki Markup Use secure erase methods specified in US Department of Defense Standard 5220 \[[#2DOD 5220|AA. C References#DOD 5220]\] or Peter Gutmann's paper \[[#3Gutmann 96|AA. C References#Gutmann 96]\].
Risk Assessment
If sensitive data is not handled correctly in a program, an attacker can gain access to it.
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
...
| Wiki Markup |
|---|
\[[DOD 5220|AA. C References#DOD 5220]\]
\[[Gutmann 96|AA. C References#Gutmann 96]\]
\[[Lewis 06|AA. C References#Lewis 06]\]
\[[Viega 01|AA. C References#Viega 01]\] |
...
...