How to cleanse (overwrite with random bytes) std::string internal buffer?

后端未结

关注

 3  1815

后悔当初 2021-02-12 06:00

Consider a scenario, where std::string is used to store a secret. Once it is consumed and is no longer needed, it would be good to cleanse it, i.e overwrit

3条回答

自闭症患者 (楼主)

2021-02-12 06:12
It is probably safe. But not guaranteed.

However, since C++11, a std::string must be implemented as contiguous data so you can safely access its internal array using the address of its first element &secretString[0].
```
if(!secretString.empty()) // avoid UB
{
    char* modifiable = &secretString[0];
    OpenSSL_cleanse(modifiable, secretString.size());
}
```
0 讨论(0)

查看其它3个回答
发布评论:

提交评论
- 加载中...