====== 2021-05-10 - securely clearing memory ======

whenever you read secrets into the application memory, you should [[https://www.sjoerdlangkemper.nl/2016/05/22/should-passwords-be-cleared-from-memory/|clear them from memory]]. that is tricky in managed languages (like C#/Java/Python), but straightforward in C/C++, right? right?

no... it's not. [[http://www.daemonology.net/blog/2014-09-04-how-to-zero-a-buffer.html|obvious things like memset() can be optimized away]] ([[https://en.cppreference.com/w/cpp/string/byte/memset|"as-if" rule -- "dead code" can be removed]]). the way to go is to use a function that is guaranteed not to be optimized away -- for example [[https://www.freebsd.org/cgi/man.cgi?query=explicit_bzero|explicit_bzero()]] on Linux/FreeBSD. and we're good, right? right?

no... not exactly... the next problem is that these secrets are typically used for something, and [[http://www.daemonology.net/blog/2014-09-06-zeroing-buffers-is-insufficient.html|encryption/hashing algorithms can leave their internal state in the memory]], which can make it easier to extract certain pieces of information... and this problem does not have a reasonable solution so far.

so for the time being -- just ''explicit_bzero()'' the secrets that you have.
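
the dead-store ''memset()'' next to the ''explicit_bzero()'' version, as an added example (not code from the original post). it assumes glibc >= 2.25 or FreeBSD; ''digest()'', ''load()'' and the other function names are hypothetical, and the secret is a constructed sample.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
/* glibc >= 2.25 declares this in <string.h>; repeated for strict -std=c11 builds */
void explicit_bzero(void *s, size_t n);

/* hypothetical stand-in for real use of the secret (FNV-1a); its state h is never wiped */
static unsigned long digest(const unsigned char *s, size_t n) {
    unsigned long h = 2166136261UL;
    for (size_t i = 0; i < n; i++) h = ((h ^ s[i]) * 16777619UL) & 0xffffffffUL;
    return h;
}

/* bounded copy of a C string into a fixed buffer; returns bytes copied */
static size_t load(unsigned char *dst, size_t cap, const char *src) {
    size_t n = 0;
    for (; n < cap && src[n] != '\0'; n++) dst[n] = (unsigned char)src[n];
    return n;
}

/* BEFORE: buf is never read after memset(), so under the as-if rule the
 * compiler may delete the call as a dead store */
unsigned long digest_weak(const char *secret) {
    unsigned char buf[64];
    unsigned long d = digest(buf, load(buf, sizeof buf, secret));
    memset(buf, 0, sizeof buf);
    return d;
}

/* AFTER: explicit_bzero() is documented as not being optimized away */
unsigned long digest_wiped(const char *secret) {
    unsigned char buf[64];
    unsigned long d = digest(buf, load(buf, sizeof buf, secret));
    explicit_bzero(buf, sizeof buf);
    return d;
}

/* wipes an inspectable (static) copy and returns how many bytes are still non-zero */
size_t residue_after_wipe(const char *secret) {
    static unsigned char copy[64];
    size_t left = 0;
    load(copy, sizeof copy, secret);
    explicit_bzero(copy, sizeof copy);
    for (size_t i = 0; i < sizeof copy; i++) left += (copy[i] != 0);
    return left;
}

int main(void) { printf("residue=%zu\n", residue_after_wipe("hunter2")); return 0; }
```

to see the difference, compile with optimization and compare the assembly of ''digest_weak()'' and ''digest_wiped()'': whether the ''memset()'' survives depends on compiler and flags.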