AFAIK, malloc() CAN, but usually not returns cleared memory (it is much better to assume that, for all platforms). calloc() MUST (but don't believe every word). On Windows, you can call ZeroMemory() to clear memory, or call LocalAlloc(LPTR, LMEM_FIXED|LMEM_ZEROINIT) to achieve the same goal). You can always write your paranoid functions, like PGP 2.6.2i implements BurnMemory(), but again, not on all points, there is no need to do that, burn only sensitive memory (God bless fast routines). Content of memory that malloc() returns depends on C++ compiler implementation, release or debug build, debugging tools used, prolog and epilog code (for example, if it is debug build BoundsChecker will fill returned heap with some specific byte and extend the requested amount of memory by size of guard block, Visual C++ will set it to 0xCC [int 3]). You cannot make platform independent "tool" that explores heap (unfortunately), espetially memory of other processes (of course, there are some special circumstances under which you can, depends on OS, but it is easier and makes more sense to intercept keyboard input [as a driver, as a hook] if you need a password, or call a good lady and chat-a-little, or try to make your home grown Tempest). Theoretically, you can get some sensitive information (depends on many factors), but probability to get something (and to know that that is sensitive) is equal to catch a fish in the late afternoon, at least on WinNT (not because it is so secure, but because it is chaos out there). I suppose that for *nix/*nux it should be the same.
This archive was generated by hypermail 2b30 : Wed Jun 27 2001 - 19:14:11 PDT