sneak/secret
1
0
Fork 1
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Zero plaintext after copying to memguard in DecryptWithIdentity (closes #5) #10

Merged
sneak merged 1 commits from clawbot/secret:fix/issue-5 into main 2026-02-09 02:18:06 +01:00
Conversation 0 Commits 1 Files Changed 1 +5

1 Commits

Author SHA1 Message Date
clawbot
fd77a047f9 security: zero plaintext after copying to memguard in DecryptWithIdentity 
The decrypted data from io.ReadAll was copied into a memguard
LockedBuffer but the original byte slice was never zeroed, leaving
plaintext in swappable, dumpable heap memory.
 2026-02-08 12:04:38 -08:00