The RtlSecureZeroMemory routine securely fills a block of memory with zeros in a way that is guaranteed not to be optimized away by the compiler.
Syntax
PVOID RtlSecureZeroMemory(
[in, out] PVOID Ptr,
[in] SIZE_T cnt
);
Parameters
[in, out] Ptr
指向要安全填充零的内存块的指针。
[in] cnt
要用零填充的字节数。
Return value
RtlSecureZeroMemory returns a pointer to the memory block that was filled (Ptr).
Remarks
该函数使用可变内存访问来确保编译器无法优化零值作,即使调用后内存似乎未使用。
This differs from RtlZeroMemory, which may be optimized away by the compiler if the memory is not accessed again.
该函数保证所有指定的字节都将设置为零,并且编译器优化不会删除此作。
Callers of RtlSecureZeroMemory can be running at any IRQL if the destination memory block is in nonpaged system memory. 否则,调用方必须在 IRQL <= APC_LEVEL上运行。
Example
UCHAR SensitiveData[256];
UCHAR CryptographicKey[32];
// Use sensitive data
ProcessSensitiveInformation(SensitiveData);
PerformCryptographicOperation(CryptographicKey);
// Securely clear sensitive data from memory
// This will not be optimized away by the compiler
RtlSecureZeroMemory(SensitiveData, sizeof(SensitiveData));
RtlSecureZeroMemory(CryptographicKey, sizeof(CryptographicKey));
Requirements
| Requirement | Value |
|---|---|
| Target Platform | Universal |
| Header | wdm.h (包括 Wdm.h、Ntddk.h、Ntifs.h) |
| Library | NtosKrnl.lib |
| DLL | NtosKrnl.exe |
| IRQL | 任何级别 (请参阅“备注”部分) |