How can I manually zero out memory? - McMap

About

How can I manually zero out memory?

Asked 10/6, 2016 at 17:6 Answered 10/6, 2016 at 17:19

Solved swift security automatic-ref-counting memory-safety

W

1

7

Is it possible to manually clear out the contents of an object from memory?

In particular, I'm dealing with NSData. I've tried using data.length = 0 and data.setData(NSData).

I know ARC will come in and clean up after it is out of scope to whom it belongs, but is it possible to manually force this process when I want?

Woodsum answered 10/6, 2016 at 17:6 Comment(0)

W

6

I think you have some misconceptions about ARC I'd like to clear up. The goal of ARC is is to ensure memory leaks don't occur. It's responsible for tracking the object over its lifecycle, and ensuring it's "freed" when no references remain to it.

It's important to note that the memory being "freed" does not necessarily imply "writing over it all with 0s".

It simply means that memory will be designated as unused. The freed memory becomes a candidate for allocation when the system needs to allocate memory to new objects.

There's no guarantee that this reallocation will happen, thus it's very possible for your freed memory to contain your original data, and never be overwritten.

Update: It looks like since 2022, Apple's platforms do zero memory upon deallocation, because it compresses better, which helps under high memory pressure. https://forums.swift.org/t/erase-dealocated-memory/34964/13

Note that this is just a performance optimization, and certainly not a guarantee that you can rely on for security purposes.

Whipping answered 10/6, 2016 at 17:19 Comment(7)

So even after taking an object and overwriting the contents of itself .setdata(nsdata()) it does not guarantee that the actual memory will be overwritten with the new value? Or are you referring to when you let the object go entirely? – Woodsum 10/6, 2016 at 17:23

I don't know which setdata method you're talking about, but most likely it updates an internal instance variable of the receiver that holds a reference to NSData. Setting a new value to it will make ARC free the old NSData object it used to reference (if nothing else is referencing that NSData object), but there's no guarantee it'll be zeroed out. – Whipping 10/6, 2016 at 17:31

The NSMutableData SetData() - developer.apple.com/library/ios/documentation/Cocoa/Reference/…: – Woodsum 10/6, 2016 at 17:32

This may be of interest #27716485 – Whipping 10/6, 2016 at 17:33

This would essentially do the same exact thing as resetBytesInRange right? The difference here is setData would clear our the values and reset it to a 0 length? – Woodsum 10/6, 2016 at 17:34

I don't know about the underlying implementation, but unless the documentation makes any promises about it, I wouldn't trust it. It could for example be storing those bytes in an array on heap, and just changing the reference to point to a new array, leaving the old array freed but not cleared – Whipping 10/6, 2016 at 17:35

My prior comment was about setData(_:). I believe resetBytesInRange(_:) will do what you want. It'll zero out the sensitive part of the object, ARC will later free it, and leave the non-sensitive parts untouched until the memory is reallocated. – Whipping 10/6, 2016 at 18:10

Recommended topics

#Godot #Unity #Godot 4.X #Mongodb

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

© 2022 - 2024 — McMap. All rights reserved.