MPS issue job003763

TitleNo easy way to automatically clear freed memory
Assigned userGareth Rees
DescriptionIt is sometimes a security requirement that freed data not be visible via freshly allocated memory. The Heartbleed bug [1] happened because OPENSSL_malloc returned a pointer to a buffer that contained previously used (and freed) data.

The MPS has the capability to clear freed memory, but the capability is hidden away in the "debugging" pool classes (and not all pool classes have debugging counterparts anyway).
AnalysisAdd capability for clearing freed memory. Perhaps a new keyword argument to arena_create?
How foundinspection
Evidence[1] <>
Created byGareth Rees
Created on2014-04-14 13:11:29
Last modified byGareth Rees
Last modified on2014-04-17 12:56:54
History2014-04-14 GDR Created.