stronglink icon indicating copy to clipboard operation
stronglink copied to clipboard

Published 20 hours ago verified publisher icon btrask

Use explicit_bzero to clear sensitive buffers after use

Open btrask opened this issue 9 years ago • 0 comments

In any case of a function that expects a sensitive buffer (password or key), we should probably accept a pointer to a mutable buffer and zero it before the function returns...?

Or alternately, just clear it at the top level after the call returns.

  • Blog login interface
  • API session creation (currently disabled)
  • Session lookup

btrask avatar Sep 13 '15 03:09 btrask