Draft Edition of LibTomMath book
tom st denis
tomstdenis at yahoo.com
Wed Jun 25 19:37:35 EDT 2003
--- bear <bear at sonic.net> wrote:
> One thing that I've noticed for a long time is that there
> are *VERY* few math libraries that don't leave whatever
> numbers they're working with in memory when deallocating
> (deallocating heap via free() or deallocating stack via
> returning from a procedure call or deallocating swapspace
> by getting paged back in off a disk).
>
> And numbers that an application leaves lying around in
> whatever working memory or media it's using, can be
> discovered and exploited by other programs - frequently
> by unauthorized ones.
Very true. LibTomMath will actually wipe the memory allocated [via
memset] before free'ing but I leave it up to the end user to lock their
heap from swapping.
Tom
__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list