Versions Compared

...

In this noncompliant code example, sensitive information is supposedly stored in the dynamically allocated buffer, secret, which is processed and eventually deallocated cleared by a call to freememset_s(). The memory page containing secret can be swapped out to disk. If the program crashes before the call to freememset_s() completes, the information stored in secret may be stored in the core dump.
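
Review bot: In the first sentence the buffer is called dynamically allocated, yet the wording moves between "deallocated ... free()" and "cleared ... memset_s()", so the description covers only one of the two steps. State both in order, for example "eventually cleared by a call to memset_s() and then freed", and make the final sentence's "before the call to ... completes" name the same call as the first sentence.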

...

Related Guidelines

CERT C++ Secure Coding Standard | MEM06-CPP. Ensure that sensitive data is not written out to disk
ISO/IEC TR 24772:2013 | Memory Locking [XZX]
MITRE CWE | CWE-591, Sensitive data storage in improperly locked memory
MITRE CWE | CWE-528, Information leak through core dump files

...