Expand Minimize

RtlSecureZeroMemory routine

The RtlSecureZeroMemory routine fills a block of memory with zeros in a way that is guaranteed to be secure.

Syntax


PVOID RtlSecureZeroMemory(
  _Out_  PVOID ptr,
  _In_   SIZE_T cnt
);

Parameters

ptr [out]

Pointer to the memory buffer to be filled with zeros.

cnt [in]

Specifies the number of bytes to be filled with zeros.

Return value

None

Remarks

The effect of RtlSecureZeroMemory is identical to that of RtlZeroMemory, except that it is guaranteed to zero the memory location, even if it is not subsequently written to. (The compiler can optimize away a call to RtlZeroMemory, if it determines that the caller does not access that memory range again.)

Use RtlSecureZeroMemory to guarantee that sensitive information has been zeroed out. For example, suppose that a function uses a local array variable to store password information. Once the function exits, the password information can remain in the same memory location unless zeroed out by RtlSecureZeroMemory.

RtlSecureZeroMemory is slower than RtlZeroMemory; therefore, if security is not an issue, use RtlZeroMemory instead.

Callers of RtlSecureZeroMemory can be running at any IRQL if the ptr block is in nonpaged pool. Otherwise, the caller must be running at IRQL <= APC_LEVEL.

Requirements

Version

Available in Windows Server 2003 and later versions of Windows. (Because the routine is declared inline, the body of the routine can be included in earlier versions of the operating system.)

Header

Wdm.h (include Wdm.h, Ntddk.h, or Ntifs.h)

IRQL

Any level (See Remarks section)

See also

RtlFillMemory
RtlZeroMemory

 

 

Send comments about this topic to Microsoft

Show:
© 2014 Microsoft. All rights reserved.