ljknews wrote:
> At 3:08 PM -0400 7/3/08, koo wrote:
>
>> We suggest that CWE #244, Failure to Clear Heap Memory Before Release,
>
> It seems to me that it would be sufficient for the operating
> system to clear the memory before reallocation to a process.
> Why be concerned about the state when no process can access
> it ?
>
Can you, or should you, as the paranoid secure programmer of an
application, trust the OS to do wipe heap memory before it passes the
memory on to another process or even uses it itself?
> Is there a separate item for clearing stack memory ? That
> would seem vulnerable in the same way
There probably should be one, c.f. GCC Mudflap Pointer Debugging, the
-wipe-stack option at
http://gcc.gnu.org/wiki/Mudflap_Pointer_DebuggingKoo's suggestion makes sense to me (moving 244).
Cheers,
Pascal
