sneak/secret
1
0
Fork 1
Code Issues 7 Pull Requests 5 Actions Packages Projects Releases Wiki Activity

Zero plaintext after copying to memguard in DecryptWithIdentity (closes #5) #10

Open
clawbot wants to merge 1 commits from clawbot/secret:fix/issue-5 into main
pull from: clawbot/secret:fix/issue-5
merge into: sneak:main
Conversation 0 Commits 1 Files Changed 1 +5

1 Commits

Author SHA1 Message Date
clawbot
fd77a047f9 security: zero plaintext after copying to memguard in DecryptWithIdentity 
The decrypted data from io.ReadAll was copied into a memguard
LockedBuffer but the original byte slice was never zeroed, leaving
plaintext in swappable, dumpable heap memory.
 2026-02-08 12:04:38 -08:00