BaSzErr - blog:2021:05:10 https://baszerr.eu/ Tue, 28 Apr 2026 14:03:33 +0000 FeedCreator 1.8 https://baszerr.eu/lib/exe/fetch.php?media=wiki:dokuwiki.svg BaSzErr https://baszerr.eu/ 2021-05-10_-_securely_clearing_memory https://baszerr.eu/doku.php?id=blog:2021:05:10:2021-05-10_-_securely_clearing_memory <h1 class="sectionedit1" id="securely_clearing_memory">2021-05-10 - securely clearing memory</h1> <div class="level1"> <p> whenever you read secrets into the application memory, you should <a href="https://www.sjoerdlangkemper.nl/2016/05/22/should-passwords-be-cleared-from-memory/" class="urlextern" title="https://www.sjoerdlangkemper.nl/2016/05/22/should-passwords-be-cleared-from-memory/" rel="ugc nofollow">clear it from the memory</a>. tricky part in managed languages (like C#/Java/Python), but straight forward in C/C++, right? right? no… it&#039;s not. <a href="http://www.daemonology.net/blog/2014-09-04-how-to-zero-a-buffer.html" class="urlextern" title="http://www.daemonology.net/blog/2014-09-04-how-to-zero-a-buffer.html" rel="ugc nofollow">obvious things like memset() can be optimized away</a> (<a href="https://en.cppreference.com/w/cpp/string/byte/memset" class="urlextern" title="https://en.cppreference.com/w/cpp/string/byte/memset" rel="ugc nofollow">&quot;as-if&quot; rule -- &quot;dead code&quot; can be removed</a>). </p> <p> in order to the way to go is to use function that is guaranteed not to be optimized away – for example <a href="https://www.freebsd.org/cgi/man.cgi?query=explicit_bzero" class="urlextern" title="https://www.freebsd.org/cgi/man.cgi?query=explicit_bzero" rel="ugc nofollow">explicit_bzero()</a> on Linux/FreeBSD. and we&#039;re good, right? right? no… not exactly… the next problem is that these secrets are typically used for something and <a href="http://www.daemonology.net/blog/2014-09-06-zeroing-buffers-is-insufficient.html" class="urlextern" title="http://www.daemonology.net/blog/2014-09-06-zeroing-buffers-is-insufficient.html" rel="ugc nofollow">encryption/hashing algorithms can leave their internal state in the memory</a>, that can make it easier to extract certain pieces of information… and this problem does not have a reasonable solution to this point. </p> <p> so for the time being – just <code>explicit_bzero()</code> secrets that you have. </p> </div> anonymous@undisclosed.example.com (Anonymous) Tue, 15 Jun 2021 20:09:43 +0000