ossf / secure-sw-dev-fundamentals

Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)
Creative Commons Attribution 4.0 International
179 stars 46 forks source link

Minimizing the time: include existing C interfaces #159

Open nmav opened 3 months ago

nmav commented 3 months ago

This includes the C interfaces that exist to overwrite sensitive data from memory such as explicit_bzero. As this is a common mistake not to overwrite the data, I think listing these interfaces has value even if a complete solution that includes security from the memory swap is harder.