Is it secure to use malloc?

Question

Somebody told me that allocating with malloc is not secure anymore, I\'m not a C/C++ guru but I\'ve made some stuff with malloc and C/C++. Does anyone know about what risks

Answer 1

Perhaps the person was referring to the possibility of accessing data via malloc()?

Malloc doesn't affect the contents of the region that it provides, so it MAY be possible to collect data from other processes by mallocing a large area and then scanning the contents.

free() doesn't clear memory either so data paced into dynamically allocated buffers is, in principle, accessible.

I know someone who, many years ago admittedly, exploited malloc to create an inter-process communication scheme when he found that mallocs of equal size would return the address of the most recently free'd block.