Hacker News new | comments | show | ask | jobs | submit login

A good solution in c is to use calloc, which is malloc + zero'ing out the memory.


Also, in a standards-compliant compiler, statically declared variables are automatically initialized to zero unless stated otherwise.

That won't work here. Here, the goal is to have 'cfree': zero'ing out memory and then freeing it.

OK, shows me for skimming too much.

There apparently used to be a cfree though it appears to be equivalent to free.

I upvoted rwg's comment regarding CERT's Secure Coding wiki. memset_s is the correct solution given it is part of the C11 standard.

Applications are open for YC Summer 2018

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact