Safe Clearing of Private Data

Save to:
Instapaper Pocket Readability

We often need to store private data in programs, for example passwords, secret keys, and their derivatives, and we usually need to clear their traces in the memory after using them so that a potential intruder can't gain access to these data. In this article we will discuss why you can't clear private data using memset() function.

Safe Clearing of Private Data

by Roman Fomichev

From the article:

So, both gcc and clang decided to optimize our code. Since the memory is freed after calling the memset() function, the compilers treat this call as irrelevant and delete it.

Add a Comment

You must sign in or register to add a comment.

Comments (0)

There are currently no comments on this entry.