Re: Is memcpy secure?
From: Olga Sayenko (sayenko_at_yahoo.com)
Date: 11 Jan 2004 13:02:16 -0800
Christian Bau <email@example.com> wrote in message news:<christian.bau-D18859.firstname.lastname@example.org>...
> In article <email@example.com>,
> firstname.lastname@example.org (Olga Sayenko) wrote:
> > Hi,
> > I am trying to make sure that my data doesn't show up anywhere outside
> > my process unencrypted. I am concerned that if I use memcpy, the bytes
> > copied will end up in some memory somewhere after I am done with it.
> > Am I being paranoid?
> Yes, but are you paranoid enough?
Finally, someone understands! :)
> Seriously, memcpy will not be a special case. It won't do anything that
> straightforward C code couldn't do. I would be more worried about the
> data that was in a memory block that gets free()d.
Wouldn't setting buffers to null characters when I am done with them
take care of this?