SecureZeroMemory function

Fills a block of memory with zeros. It is designed to be a more secure version of ZeroMemory.

Syntax

PVOID SecureZeroMemory(
  _In_ PVOID  ptr,
  _In_ SIZE_T cnt
);

Parameters

  • ptr [in]
    A pointer to the starting address of the block of memory to fill with zeros.

  • cnt [in]
    The size of the block of memory to fill with zeros, in bytes.

Return value

This function returns a pointer to the block of memory.

Remarks

This function is defined as the RtlSecureZeroMemory function (see WinBase.h). The implementation of RtlSecureZeroMemory is provided inline and can be used on any version of Windows (see WinNT.h.)

Use this function instead of ZeroMemory when you want to ensure that your data will be overwritten promptly, as some C++ compilers can optimize a call to ZeroMemory by removing it entirely.

Many programming languages include syntax for initializing complex variables to zero. There can be differences between the results of these operations and the SecureZeroMemory function. Use SecureZeroMemory to clear a block of memory in any programming language.

The following code fragment shows an instance where it is good to use SecureZeroMemory instead of ZeroMemory.


WCHAR szPassword[MAX_PATH];

// Retrieve the password
if (GetPasswordFromUser(szPassword, MAX_PATH))    
   UsePassword(szPassword);
// Clear the password from memory
SecureZeroMemory(szPassword, sizeof(szPassword));

If ZeroMemory were called in this example instead of SecureZeroMemory, the compiler could optimize the call because the szPassword buffer is not read from before it goes out of scope. The password would remain on the application stack where it could be captured in a crash dump or probed by a malicious application.

Requirements

Minimum supported client

Windows XP [desktop apps only]

Minimum supported server

Windows Server 2003 [desktop apps only]

Header

WinBase.h (include Windows.h)

See also

CopyMemory

FillMemory

MoveMemory

ZeroMemory