任何理由使用SecureZeroMemory()而不是memset()或zeroMemory()当安全不是一个问题? [英] Any reason to use SecureZeroMemory() instead of memset() or ZeroMemory() when security is not an issue?
问题描述
此MSND文章说 SecureZeroMemory ()适用于存储在内存中一段时间的敏感数据在不再需要时尽快被覆盖的情况。对此SO问题的解答为什么这会有所作为。
This MSND article says SecureZeroMemory() is good for cases when sensitive data stored in memory for a while should be for sure overwritten as soon as possible when no longer needed. Answers to this SO question explain why this can make a difference.
现在使用 SecureZeroMemory()块?例如在一个项目中,我看到如下代码:
Now is there any sence in using SecureZeroMemory() for initializing just every memory block? For example in one project I see code like the following:
ICONINFO ii;
::SecureZeroMemory(&ii, sizeof(ICONINFO));
if (::GetIconInfo(hIcon, &ii))
{
//do stuff, then
//release bitmaps
if(ii.hbmMask)
::DeleteObject(ii.hbmMask);
if(ii.hbmColor)
::DeleteObject(ii.hbmColor);
}
为什么使用 SecureZeroMemory()这里代替 ZeroMemory(), memset()或值初始化?我的意思是如果编译器决定初始化是不必要的,并希望优化它 - 为什么我强制它?是否有任何理由使用 SecureZeroMemory()这里?
why use SecureZeroMemory() here instead of ZeroMemory(), memset() or value initialization? I mean if the compiler decides initialization is unnecessary and wants to optimize it out - why would I enforce it? Is there any reason to use SecureZeroMemory() here?
推荐答案
使用SecureZeroMemory初始化图标信息结构没有意义。它只能覆盖堆栈帧上应该安全地擦除其他地方的字节。那匹马已经逃离了谷仓。初始化它根本没有意义,GetIconInfo()的返回值告诉你它已经初始化。
It makes no sense to use SecureZeroMemory to initialize an icon info structure. It can only overwrite bytes on the stack frame that should have been securely erased elsewhere. That horse already escaped the barn. It doesn't even make sense to initialize it at all, the return value of GetIconInfo() tells you that it got initialized.
SecureZeroMemory()只有有意义> 之后的内存已经填充了安全数据。
SecureZeroMemory() only makes sense after memory was filled with secure data.
这篇关于任何理由使用SecureZeroMemory()而不是memset()或zeroMemory()当安全不是一个问题?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
