Re: Is memcpy secure?
From: Peter Pichler (pichlo7_at_pobox.sk)
Date: Sun, 11 Jan 2004 22:15:16 -0000
"Christian Bau" <email@example.com> wrote...
> (Olga Sayenko) wrote:
> > I am trying to make sure that my data doesn't show up anywhere outside
> > my process unencrypted. I am concerned that if I use memcpy, the bytes
> > copied will end up in some memory somewhere after I am done with it.
> > Am I being paranoid?
> Yes, but are you paranoid enough?
> Seriously, memcpy will not be a special case. It won't do anything that
> straightforward C code couldn't do. I would be more worried about the
> data that was in a memory block that gets free()d.
Or indeed in any memory block, full stop. *Any* memory can be swapped to
a harddisk, for example.