--- bear <[EMAIL PROTECTED]> wrote:
> One thing that I've noticed for a long time is that there
> are *VERY* few math libraries that don't leave whatever
> numbers they're working with in memory when deallocating
> (deallocating heap via free() or deallocating stack via
> returning from a procedure call or deallocating swapspace
> by getting paged back in off a disk).
> And numbers that an application leaves lying around in
> whatever working memory or media it's using, can be
> discovered and exploited by other programs - frequently
> by unauthorized ones.

Very true.  LibTomMath will actually wipe the memory allocated [via
memset] before free'ing but I leave it up to the end user to lock their
heap from swapping.


Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to