CWE-244: Improper Clearing of Heap Memory Before Release ('Heap Inspection')
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
Using realloc() to resize buffers that store sensitive information can leave the sensitive information exposed to attack, because it is not removed from memory.
扩展描述
When sensitive data such as a password or an encryption key is not removed from memory, it could be exposed to an attacker using a "heap inspection" attack that reads the sensitive data using memory dumps or other methods. The realloc() function is commonly used to increase the size of a block of allocated memory. This operation often requires copying the contents of the old memory block into a new and larger block. This operation leaves the contents of the original block intact but inaccessible to the program, preventing the program from being able to scrub sensitive data from memory. If an attacker can later examine the contents of a memory dump, the sensitive data could be exposed.
常见后果
影响范围: Confidentiality Other
技术影响: Read Memory Other
说明: Be careful using vfork() and fork() in security sensitive code. The process state will not be cleaned up and will contain traces of data from past use.
观察示例
参考: CVE-2019-3733
Cryptography library does not clear heap memory before release
引入模式
| 阶段 | 说明 |
|---|---|
| Implementation | - |
适用平台
编程语言
分类映射
| 分类名称 | 条目ID | 条目名称 | 映射适配度 |
|---|---|---|---|
| 7 Pernicious Kingdoms | - | Heap Inspection | - |
| CERT C Secure Coding | MEM03-C | Clear sensitive information stored in reusable resources returned for reuse | - |
| Software Fault Patterns | SFP23 | Exposed Data | - |