FeatureRequest: Add opt-in possibility to zeroed-out buffers #267
Comments
|
I'm not opposed to this. Go for it. |
|
What about adding API to zero out the stream, so the caller is responsible. That would avoid having to add an if check that most people don't need. |
|
Do you want to add zeroing to prevent accidental data leaks or so that new streams only contain zeros? In the latter case, note that new blocks are allocated using |
|
I want to add zeroing to prevent accidental data leaks. |
With the API approach one would have the risk of accidental data leak in case the caller forgets to explicitly zero out memory. Also the combination with `AggressiveBufferReturn`` seems tricky. |
|
Calling var buffers = someStream.GetReadOnlySequence();
foreach (var buffer in buffers)
{
CryptographicOperations.ZeroMemory(buffer.Span);
} |
|
This won't work as the buffers are read-only. |
|
D'oh, you're right. It'd have to be something like this: var buffers = someStream.GetReadOnlySequence();
foreach (var buffer in buffers)
{
ref var bytes = ref MemoryMarshal.GetReference(buffer.Span);
var span = MemoryMarshal.CreateSpan(ref bytes, buffer.Length);
CryptographicOperations.ZeroMemory(span);
}But that still won't handle the large buffer if |
|
Would it be okay then to zero out the buffers (only if configured) before returning them to the pool ? |
I think this fine. Let's make this a 3.0 feature. |
Hi together,
Would it be possible to extend the RecyclableMemoryStreamManager by a configuration option to zero-out buffers before returning them to the pool?
I understand that for performance reasons, the buffers are not ever pre-initialized or zeroed-out by default, but i think it would be nice to have the option to configure it if one is willing to take the performance hit.
I could create a PR for this if you think it would be a useful addition.
Best regards,
Lars
The text was updated successfully, but these errors were encountered: