On Jul 6, 2005, at 12:35 PM, Dirk Stegemann wrote:
If I recall correctly, Mac OS X provides a security feature to wipe memory pages allocated by a process; is this true?
Yes - all pages allocated to your process are zero-filled by the OS when they're first mapped in. You can't really depend on this in any useful way though - see below.
When I allocate a buffer using
{
    const std::size_t numberOfBytes = 1024; // example size, assumed for illustration
    char* buffer = new char[numberOfBytes];  // contents are indeterminate at this point
    // ... use buffer ...
    delete[] buffer;
}
then the buffer seems to contain random data.
Has this data advertently been made "random", or is it some remaining "valid" data left over from previous processes, which should be considered a security issue?
This is because this memory has previously been allocated to and written on by your process. The heap that "new" allocates out of is re-used as you allocate and free memory. This is not normally a security issue, unless your process handles data for multiple users (if you're a server process, for example). It can certainly be a correctness issue if you don't initialize the buffer before using it, however.
Are there runtime / compile options to get "wiped" memory buffers by a call to 'new'?
Maybe someone more familiar with C++ can answer this - in C, the answer would be to use calloc() instead of malloc(). In C++, you should of course have constructors defined for all your classes that initialize them to valid states when they're allocated, but for arrays of plain data types, I think you'll have to set the elements explicitly. In the exact case you gave, memset() could be used to clear your buffer after allocating it. I think you can also redefine the global operator new[], but that's very heavy-handed, and most likely redundant for most of your memory allocations.
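As an added illustration (not code from the thread), the following C++ snippet puts the reply's suggestions side by side: value-initialising the array with `new char[n]()`, which is the C++ counterpart of calloc() for plain data types; plain `new[]` followed by memset(); and, for the multi-user server case the reply mentions, overwriting a buffer through a volatile pointer before `delete[]` so that the optimizer cannot discard the stores. It also includes a small probe of heap re-use; the function names and sizes are my own choices.

```cpp
#include <cstddef>
#include <cstring>

// Allocate a char array whose contents are guaranteed to be zero.
// new char[n]() value-initialises every element, so no memset() is needed.
char* allocate_zeroed(std::size_t numberOfBytes) {
    return new char[numberOfBytes]();
}

// The same result done the way the reply suggests: new[] then memset().
char* allocate_then_memset(std::size_t numberOfBytes) {
    char* buffer = new char[numberOfBytes];   // contents indeterminate here
    std::memset(buffer, 0, numberOfBytes);
    return buffer;
}

// Overwrite a buffer before it is freed. The stores go through a volatile
// pointer because a plain memset() just before delete[] is a "dead store"
// the compiler is allowed to remove, which would leave the data in the heap.
void wipe(char* buffer, std::size_t numberOfBytes) {
    volatile char* p = buffer;
    for (std::size_t i = 0; i < numberOfBytes; ++i) p[i] = 0;
}

bool all_zero(const char* buffer, std::size_t numberOfBytes) {
    for (std::size_t i = 0; i < numberOfBytes; ++i)
        if (buffer[i] != 0) return false;
    return true;
}

// Probe of heap re-use: fill a buffer with a constructed "secret" byte, free
// it (wiped or not), allocate the same size again and count how many secret
// bytes are still visible. The count depends on the allocator: it is often
// non-zero without a wipe, but nothing guarantees either outcome, so treat
// it as an observation rather than a fixed result. unsigned char is used so
// that reading the indeterminate bytes is well defined.
std::size_t leftover_bytes_after_reuse(std::size_t numberOfBytes, bool wipeBeforeFree) {
    unsigned char* first = new unsigned char[numberOfBytes];
    std::memset(first, 'S', numberOfBytes);            // constructed secret content
    if (wipeBeforeFree) wipe(reinterpret_cast<char*>(first), numberOfBytes);
    delete[] first;
    unsigned char* second = new unsigned char[numberOfBytes]; // may reuse the block
    std::size_t leftover = 0;
    for (std::size_t i = 0; i < numberOfBytes; ++i)
        if (second[i] == 'S') ++leftover;
    delete[] second;
    return leftover;
}
```

Run leftover_bytes_after_reuse() with and without the wipe to see how your platform's allocator behaves; only the zeroing and wiping functions have a fixed result.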