Password theft from memory?
Bruce Cran
bruce at cran.org.uk
Tue Apr 26 09:48:57 UTC 2011
On Mon, 25 Apr 2011 23:29:08 +0100
RW <rwmaillists at googlemail.com> wrote:
> The reason I thought that heap memory isn't zeroed is from the
> discussion of pre-zeroed pages in this article:
There's an idlezero task that runs by default (via
the vm.idlezero_enable sysctl), zeroing unused pages, but malloc itself
doesn't zero memory on demand by default. If you enable the 'Z'
malloc.conf(3) option it does, though:
Z Each byte of new memory allocated by malloc(), realloc() or
reallocf() will be initialized to 0. Note that this initializa-
tion only happens once for each byte, so realloc() and reallocf()
calls do not zero memory that was previously allocated. This is
intended for debugging and will impact performance negatively.
--
Bruce Cran
More information about the freebsd-questions
mailing list