bzero() before free()

Peter Stuge peter at stuge.se
Thu Apr 2 05:22:58 EST 2009


miguel.sanders at arcelormittal.com wrote:
> I really don't see why you would zero a string and free the memory
> immediately afterwards?
> Any idea why this is done?

To decrease the risk for sensitive data stored in that memory are to
leak into another program in the system.

Now that the memory area is unused (or used by someone else) it might
also be marked for paging, and end up being stored to swap on a hard
disk.

Decrypted keys or parts of keys, as an example, can be identified
even in a large data stream, so it's real bad to let them get away.

Passwords would also be bad to leak.


//Peter


More information about the openssh-unix-dev mailing list