SecureZeroMemory
A version of this page is also available for
4/8/2010
This function fills a block of memory with zeros.
This function is a more secure version of the Platform SDK memory management function ZeroMemory. See the MSDN Library for details of ZeroMemory.
Syntax
PVOID SecureZeroMemory(
PVOID ptr,
SIZE_T cnt
);
Parameters
- ptr
[in] Pointer to the starting address of the block of memory to fill with zeros.
- cnt
[in] Size, in bytes, of the block of memory to fill with zeros.
Return Value
A pointer to the block of memory.
Remarks
This function is defined as the RtlSecureZeroMemory function. For more information, see Winbase.h and Winnt.h.
To use this function, you must include Windows.h.
Use this function instead of ZeroMemory when you want to ensure that your data will be overwritten promptly, because the compiler can optimize a call to ZeroMemory by removing it entirely.
A call to SecureZeroMemory is not optimized.
In the following code example, if ZeroMemory were called instead of SecureZeroMemory, the compiler could optimize the call because the szPassword buffer is not read from before it goes out of scope. The password would remain on the application stack where it could be captured in a crash dump or probed by a malicious application, as shown in the following code example:
void Sample()
{
WCHAR szPassword[MAX_PATH];
if (GetPasswordFromUser(szPassword, MAX_PATH)) // This function retrieves a password.
UsePassword(szPassword);
SecureZeroMemory(szPassword, sizeof(szPassword)); // Clear the password from memory.
}
Requirements
Header | windows.h, winnt.h |
Library | coredll.lib |
Windows Embedded CE | Windows CE .NET 4.1 and later |
Windows Mobile | Windows Mobile Version 5.0 and later |