RtlSecureZeroMemory - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers
// wdm.h

PVOID RtlSecureZeroMemory(
  [in, out] PVOID  Ptr,
  [in]      SIZE_T cnt
);

View the official Windows Driver Kit DDI reference

NtDoc

No description available.

Windows Driver Kit DDI reference (nf-wdm-rtlsecurezeromemory)

Description

The RtlSecureZeroMemory routine securely fills a block of memory with zeros in a way that is guaranteed not to be optimized away by the compiler.

Parameters

Ptr [in, out]

A pointer to the memory block to be securely filled with zeros.

cnt [in]

The number of bytes to fill with zeros.

Return value

RtlSecureZeroMemory returns a pointer to the memory block that was filled (Ptr).

Syntax

PVOID RtlSecureZeroMemory(
  [in, out] PVOID  Ptr,
  [in]      SIZE_T cnt
);

Remarks

Callers of RtlSecureZeroMemory can be running at any IRQL if the destination memory block is in nonpaged system memory. Otherwise, the caller must be running at IRQL <= APC_LEVEL.

Example

UCHAR SensitiveData[256];
UCHAR CryptographicKey[32];

// Use sensitive data
ProcessSensitiveInformation(SensitiveData);
PerformCryptographicOperation(CryptographicKey);

// Securely clear sensitive data from memory
// This will not be optimized away by the compiler
RtlSecureZeroMemory(SensitiveData, sizeof(SensitiveData));
RtlSecureZeroMemory(CryptographicKey, sizeof(CryptographicKey));

See also

RtlZeroMemory

RtlFillVolatileMemory

RtlSetVolatileMemory