다음을 통해 공유


SecureZeroMemory (Windows CE 5.0)

Send Feedback

This function fills a block of memory with zeros.

This function is a more secure version of the Platform SDK memory management function ZeroMemory. See the MSDN Library for details of ZeroMemory.

PVOIDSecureZeroMemory(PVOIDptr, SIZE_Tcnt );

Parameters

  • ptr
    [in] Pointer to the starting address of the block of memory to fill with zeros.
  • cnt
    [in] Size, in bytes, of the block of memory to fill with zeros.

Return Values

This function returns a pointer to the block of memory.

Remarks

This function is defined as the RtlSecureZeroMemory function. For more information, see Winbase.h and Winnt.h.

To use this function, you must include Windows.h.

Use this function instead of ZeroMemory when you want to ensure that your data will be overwritten promptly, because the compiler can optimize a call to ZeroMemory by removing it entirely.

A call to SecureZeroMemory is not optimized.

In the following code example, if ZeroMemory were called instead of SecureZeroMemory, the compiler could optimize the call because the szPassword buffer is not read from before it goes out of scope. The password would remain on the application stack where it could be captured in a crash dump or probed by a malicious application.

void Sample()
{
  WCHAR szPassword[MAX_PATH];

  if (GetPasswordFromUser(szPassword, MAX_PATH))    // this function retrieves a password
     UsePassword(szPassword);
  SecureZeroMemory(szPassword, sizeof(szPassword)); // clear the password from memory
}

Requirements

OS Versions: Windows CE .NET 4.1 and later.
Header: Winnt.h, Windows.h.
Link Library: Coredll.lib.

See Also

Memory Management Functions

Send Feedback on this topic to the authors

Feedback FAQs

© 2006 Microsoft Corporation. All rights reserved.