Improper Clearing of Heap Memory Before Release ('Heap Inspection')
Description Using realloc() to resize buffers that store sensitive information can leave the sensitive information exposed to attack, because it is not removed from memory. Extended DescriptionWhen sensitive data such as a password or an encryption key is not removed from memory, it could be exposed to an attacker using a "heap inspection" attack that reads the sensitive data using memory dumps or other methods. The realloc() function is commonly used to increase the size of a block of allocated memory. This operation often requires copying the contents of the old memory block into a new and larger block. This operation leaves the contents of the original block intact but inaccessible to the program, preventing the program from being able to scrub sensitive data from memory. If an attacker can later examine the contents of a memory dump, the sensitive data could be exposed. Applicable PlatformsLanguage: CLanguage: C++ Time Of Introduction
Common Consequences
Detection MethodsNone Potential MitigationsNone Relationships
Demonstrative Examples (Details) White Box DefinitionsA weakness where code path has:1. start statement that stores information in a buffer2. end statement that resize the buffer and3. path does not contain statement that performs cleaning of the buffer Black Box Definitions None Taxynomy Mappings
References:None |