--- bear <[EMAIL PROTECTED]> wrote: > One thing that I've noticed for a long time is that there > are *VERY* few math libraries that don't leave whatever > numbers they're working with in memory when deallocating > (deallocating heap via free() or deallocating stack via > returning from a procedure call or deallocating swapspace > by getting paged back in off a disk). > > And numbers that an application leaves lying around in > whatever working memory or media it's using, can be > discovered and exploited by other programs - frequently > by unauthorized ones.
Very true. LibTomMath will actually wipe the memory allocated [via memset] before free'ing but I leave it up to the end user to lock their heap from swapping. Tom __________________________________ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]