
Comment: removed fgets() call, adopted Nick's bugfixes

...

Code Block
#include <sys/resource.h>
/* ... */
struct rlimit limit;
char *secret;

limit.rlim_cur = 0;
limit.rlim_max = 0;
if (setrlimit(RLIMIT_CORE, &limit) != 0) {
    /* Handle error */
}

/* Create or otherwise obtain some sensitive data */char *secret;

secret = (char *)malloc(size+1);
if (fgets(secret, sizeof(!secret), stdin) == EOF) {
  /* Handle error */
}

/* Perform operations using secret... */

free(secret);
secret = NULL;
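Review bot: The buffer is released at `free(secret);` without first overwriting its contents, so the plaintext remains in the freed heap chunk and can still be paged to swap, which this solution does not prevent — the `setrlimit(RLIMIT_CORE, ...)` call above only suppresses the core dump. Clearing before release, e.g. `memset_s(secret, size + 1, 0, size + 1);` (or `explicit_bzero` where available) directly ahead of `free(secret);`, closes that gap; a plain `memset` before `free` may be optimized away. The rendered diff fuses old and new text on the malloc/fgets lines, so the exact new-side statements there are inferred from the fused lines.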

Compliant Solution (Privileged Process, POSIX)

...

Code Block
#include <sys/resource.h>
/* ... */
struct rlimit limit;
char *secret;

limit.rlim_cur = 0;
limit.rlim_max = 0;
if (setrlimit(RLIMIT_CORE, &limit) != 0) {
    /* Handle error */
}

if (mlock(secret, sizeof(secret)) != 0char *secret;

secret = (char *)malloc(size+1);
if (!secret) {
    /* Handle error */
}

/* Create or otherwise obtain some sensitive data */
if (fgetsmlock(secret, sizeof(secret), stdin) == EOF size + 1 + sysconf(_SC_PAGESIZE) != 0) {
    /* Handle error */
}

/* Perform operations using secret... */

free(secret);
secret = NULL;
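Review bot: `mlock()` is called only after the comment `/* Create or otherwise obtain some sensitive data */`, so the secret is written into pageable memory before the lock is applied and can be swapped out in that window; move the `mlock` call up to directly follow the `if (!secret)` check, before the data is obtained. The length passed appears to be `size + 1 + sysconf(_SC_PAGESIZE)`; mlock already rounds its range to whole pages, and the extra page may extend past the allocation's mapping and make the call fail, so `mlock(secret, size + 1)` is the safer form — the rendered diff fuses old and new text on that line, so the exact new expression is inferred. The locked pages also outlive `free(secret);` unless `munlock` is called first, and the buffer should be cleared before it is released.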

Compliant Solution (Privileged Process, Windows)

...

Code Block
char *secret;

ifsecret = (VirtualLock(secret, sizeof(secret)) != 0char *)malloc(size+1);
if (!secret) {
    /* Handle error */
}

/* Create or otherwise obtain some sensitive data */
if (fgetsVirtualLock(secret, sizeof(secret), stdin) == EOFsize+1) != 0) {
    /* Handle error */
}

/* Perform operations using secret... */

free(secret);
secret = NULL;
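Review bot: The check `if (VirtualLock(secret, size+1) != 0)` treats success as failure: VirtualLock returns a nonzero BOOL when the lock succeeds and zero on failure, so the error branch runs on the successful path and a failed lock goes unnoticed; the condition should be `if (!VirtualLock(secret, size+1))` (the same inverted test appears on the old side, so the commit does not change it). As in the POSIX solution, the lock is applied after the comment that obtains the sensitive data, leaving a window in which the secret can be paged out; lock first, then fill the buffer. `VirtualUnlock` and a clearing of the buffer before `free(secret);` are also absent. The rendered diff fuses old and new text on these lines, so the exact new-side statements are inferred from the fused lines.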

Risk Assessment

Writing sensitive data to disk preserves it for future retrieval by an attacker, who may even be able to bypass the access restrictions of the operating system by using a disk maintenance program.

...