Clearing memory securely and reallocations

Question

Following the discussion here, if you want to have a secure class for storing sensitive information (e.g passwords) on memory, you have to:

• memset/clear the me

Answer 1

The string literals will be stored in memory and not managed by the SecByteBlock class.

This other SO question does a decent job of explaining it: Is a string literal in c++ created in static memory?

You can try and confirm whether the grep matches can be accounted for by the string literals by seeing how many matches you get. You could also print out the memory locations of the SecByteBlock buffers and try to see if they correspond with the locations in the core dump that match your marker.