Closed ferfnin closed 1 month ago
Is it safe to erase the memory of the buffer like this?
msgpack::sbuffer sbuf;
msgpack::pack(sbuf, map);
data = QByteArray(sbuf.data(), sbuf.size());
RtlSecureZeroMemory(sbuf.data(), sbuf.size());
sbuf.clear();
map is a std::map<std::string, std::string>
If QByteArray() makes a copy of the memory, it is safe.
Here is the implementation:
sbuffer::data() has two overloads:
https://github.com/msgpack/msgpack-c/blob/5c606bd6382f22ba93488a32bde39bf285677017/include/msgpack/v1/sbuffer.hpp#L84-L92
In this case, the non-const one is chosen. It returns the internal m_data.
sbuffer::size() returns the internal m_size, which is the size of m_data.
https://github.com/msgpack/msgpack-c/blob/5c606bd6382f22ba93488a32bde39bf285677017/include/msgpack/v1/sbuffer.hpp#L94-L97
sbuffer::clear() sets m_size to zero.
https://github.com/msgpack/msgpack-c/blob/5c606bd6382f22ba93488a32bde39bf285677017/include/msgpack/v1/sbuffer.hpp#L108-L111
So your operation is safe.
If you don't reuse sbuf, but just want to fill it with zeros for security, sbuffer::release() could be another choice.
msgpack::sbuffer sbuf;
msgpack::pack(sbuf, map);
// use sbuf
// ...
// finished using sbuf; now zero its memory and destroy it
std::size_t size = sbuf.size();
char* ptr = sbuf.release(); // now the ownership of internal buffer is moved to ptr
data = QByteArray(ptr, size);
RtlSecureZeroMemory(ptr, size);
free(ptr); // perhaps you can use something like secure_free(ptr, size);
Thank you!
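The secure_free(ptr, size) idea mentioned in the answer above, sketched as an RAII deleter so the wipe also runs on early returns and exceptions. This is an added example, not code from the thread or from msgpack-c: secure_zero, wipe_free, take_for_wipe and demo_buffer are hypothetical names, and secure_zero is a portable stand-in for RtlSecureZeroMemory.

```cpp
#include <cstddef>
#include <cstdlib>
#include <cstring>
#include <memory>
#include <new>

// Portable stand-in for RtlSecureZeroMemory: volatile stores are not elided.
inline void secure_zero(void* p, std::size_t n) {
    volatile unsigned char* v = static_cast<volatile unsigned char*>(p);
    while (n--) *v++ = 0;
}

// Deleter that zeroes `size` bytes and then frees the malloc'ed block.
struct wipe_free {
    std::size_t size;
    explicit wipe_free(std::size_t n = 0) : size(n) {}
    void operator()(char* p) const { if (p) { secure_zero(p, size); std::free(p); } }
};
using wiped_ptr = std::unique_ptr<char, wipe_free>;

// size() is read before release() because release() resets it.
template <class Buffer>
wiped_ptr take_for_wipe(Buffer& buf) {
    const std::size_t n = buf.size();
    return wiped_ptr(buf.release(), wipe_free(n));
}

// Hypothetical stand-in exposing the size()/release() members used in the thread.
class demo_buffer {
public:
    demo_buffer(const char* src, std::size_t len)
        : m_data(static_cast<char*>(std::malloc(len))), m_size(len) {
        if (!m_data) throw std::bad_alloc();
        std::memcpy(m_data, src, len);
    }
    demo_buffer(const demo_buffer&) = delete;
    demo_buffer& operator=(const demo_buffer&) = delete;
    ~demo_buffer() { std::free(m_data); }
    std::size_t size() const { return m_size; }
    char* release() { char* p = m_data; m_data = nullptr; m_size = 0; return p; }
private:
    char* m_data; std::size_t m_size;
};

int main() {
    demo_buffer buf("k=secret", 8);        // constructed sample payload
    wiped_ptr owned = take_for_wipe(buf);  // zeroed and freed at scope exit
    return owned.get_deleter().size == 8 ? 0 : 1;
}
```

take_for_wipe is a template, so it accepts any buffer type that offers size() and release(). A QByteArray built from the bytes holds its own copy, which this deleter does not touch.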