[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Erasing sensitive data from memory?
From: |
Chet Ramey |
Subject: |
Re: Erasing sensitive data from memory? |
Date: |
Mon, 22 Apr 2024 11:34:43 -0400 |
User-agent: |
Mozilla Thunderbird |
On 4/21/24 2:16 PM, Zachary Santer wrote:
Does bash malloc new memory for the variable every time it's set? If
so, I'd imagine the memory storing the prior version of the variable
is free'd, but continues to contain the sensitive data.
It depends on the malloc version. The bash malloc overwrites memory with
0xcf on free if MEMSCRAMBLE is defined (it's on by default on most systems;
controllable at configure time; disabled on some systems that have refer-
after-free issues in libc). I think this is something malloc should be
doing unconditionally.
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU chet@case.edu http://tiswww.cwru.edu/~chet/
OpenPGP_signature.asc
Description: OpenPGP digital signature