The analyzer has detected a potential error: a buffer containing sensitive information will not be cleared.
Consider a synthetic example:

    int f()
    {
      char password[size];
      if (!use1(password))
        return -1;
      use2(password);
      memset_s(password, sizeof(password), 0, sizeof(password));
      return 0;
    }

This situation is similar to a memory leak. Although the buffer is cleared with the safe function 'memset_s', the early return taken when 'use1' fails skips that call, so the data will remain in memory.
To avoid the error, the buffer should be cleared on all execution paths.
A fixed example:

    int f()
    {
      char password[size];
      int result = -1;
      if (use1(password))
      {
        use2(password);
        result = 0;
      }
      // Single exit: the buffer is cleared on the failure path as well.
      memset_s(password, sizeof(password), 0, sizeof(password));
      return result;
    }

A similar situation will occur if a function throws an exception before the buffer is cleared.
Example:

    int f()
    {
      char password[size];
      if (!use1(password))
        throw Exception{};
      RtlSecureZeroMemory(password, size);
      return 0;
    }

A possible fixed version:

    int f()
    {
      char password[size];
      const bool ok = use1(password);
      // Clear the buffer before either leaving normally or throwing.
      RtlSecureZeroMemory(password, size);
      if (!ok)
        throw Exception{};
      return 0;
    }

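In C++, a scope guard whose destructor wipes the buffer covers early returns and exceptions alike, so no exit path can skip the clearing. The following is an added example, not part of the original documentation; `secure_wipe`, `ScopedWipe`, `Path` and the caller-provided buffer are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstring>
#include <stdexcept>

// Stand-in for memset_s / RtlSecureZeroMemory (assumption): stores go through
// a volatile pointer so the compiler cannot discard them as dead writes.
inline void secure_wipe(void* p, std::size_t n) {
    volatile unsigned char* b = static_cast<volatile unsigned char*>(p);
    while (n--) *b++ = 0;
}

// Scope guard: the destructor wipes the buffer on every exit from the scope.
class ScopedWipe {
public:
    ScopedWipe(void* p, std::size_t n) : p_(p), n_(n) {}
    ~ScopedWipe() { secure_wipe(p_, n_); }
    ScopedWipe(const ScopedWipe&) = delete;
    ScopedWipe& operator=(const ScopedWipe&) = delete;
private:
    void* p_;
    std::size_t n_;
};

enum class Path { Success, EarlyReturn, Throw };

// Hypothetical variant of f(): buf is caller-provided only so the result can
// be inspected afterwards; in real code it would be the local array.
int f(char* buf, std::size_t n, Path path) {
    ScopedWipe guard(buf, n);
    std::strncpy(buf, "constructed-secret", n - 1);  // stands in for use1()
    buf[n - 1] = '\0';
    if (path == Path::EarlyReturn) return -1;        // wiped by the guard
    if (path == Path::Throw) throw std::runtime_error("use1 failed");
    return 0;                                        // use2() would run here
}

// Runs f() on one path and reports whether every byte was zeroed afterwards.
bool wiped_after(Path path) {
    char buf[32];
    std::memset(buf, 'x', sizeof buf);
    try { f(buf, sizeof buf, path); } catch (const std::runtime_error&) {}
    for (char c : buf) if (c != 0) return false;
    return true;
}

int main() {
    return wiped_after(Path::Success) && wiped_after(Path::EarlyReturn) &&
           wiped_after(Path::Throw) ? 0 : 1;
}
```

The guard also covers an exception thrown from inside a callee, which reordering the statements by hand does not.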
This diagnostic is classified as: