This crate provides the securely erasing memory allocator MAProper 🧹

`MAProper` is an extension around `std::alloc::System` which ensures that allocated memory is always erased before it is deallocated, using one of `memset_s`/`SecureZeroMemory`/`explicit_bzero`/`explicit_memset`.
`MAProper` becomes handy if you're dealing with a lot of sensitive data: because the memory management of dynamically allocating types like `Vec` or `String` is opaque, you have no real chance to reliably trace and erase their sensitive contents. However, they all use the global allocator – so all ways lead to Rome (or in this case to the global allocator's `alloc` and `dealloc` functions) – which is where `MAProper` sits waiting to take care of the discarded memory.
`MAProper` as global allocator (example):

```rust
use ma_proper::MAProper;

// Registering MAProper as the global allocator routes every heap
// allocation and deallocation in the program through it.
#[global_allocator]
static MA_PROPER: MAProper = MAProper;

fn main() {
    // This Vec will allocate memory through MA_PROPER above
    let mut v = Vec::new();
    v.push(1);
}
```
Please note that `MAProper` only erases memory that is deallocated properly. This especially means that:
- stack items are not overwritten by this allocator – to erase stack memory, we expose `MAProper::erase_slice` and `MAProper::erase_ptr<T>` so that you can erase them manually if necessary
- depending on your panic policy and your `Rc`/`Arc` use (retain cycles), the destructor (and thus the deallocator) may never be called
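To show both the "all ways lead to `dealloc`" mechanism described above and the manual stack erasure that the first bullet point calls for, here is an added, self-contained illustration; it is not the crate's own code. It wraps `std::alloc::System` in a hypothetical `ErasingAlloc` that zeroes every block before freeing it, and exposes a hypothetical `erase_slice` in the role of `MAProper::erase_slice`; the `ERASED_BYTES` counter is added instrumentation so the erasure is observable, and volatile writes stand in for the secure memset calls the crate uses.

```rust
// Added illustration (not the ma_proper crate's code): a minimal erasing
// allocator in the spirit of MAProper, wrapping std::alloc::System. Where
// MAProper calls memset_s/SecureZeroMemory/explicit_bzero/explicit_memset,
// volatile writes plus a compiler fence stand in so this builds anywhere.
use std::alloc::{GlobalAlloc, Layout, System};
use std::sync::atomic::{compiler_fence, AtomicUsize, Ordering};

/// Hypothetical instrumentation: bytes erased so far, making erasure observable.
pub static ERASED_BYTES: AtomicUsize = AtomicUsize::new(0);
/// Zero `len` bytes at `ptr` with writes the optimiser must not elide.
unsafe fn erase_bytes(ptr: *mut u8, len: usize) {
    for i in 0..len {
        ptr.add(i).write_volatile(0);
    }
    compiler_fence(Ordering::SeqCst);
}
/// Manual erasure of a (typically stack-resident) slice: the role of MAProper::erase_slice.
pub fn erase_slice<T: Copy>(slice: &mut [T]) {
    let len = slice.len() * std::mem::size_of::<T>();
    unsafe { erase_bytes(slice.as_mut_ptr() as *mut u8, len) };
}
pub struct ErasingAlloc;
unsafe impl GlobalAlloc for ErasingAlloc {
    unsafe fn alloc(&self, layout: Layout) -> *mut u8 {
        System.alloc(layout)
    }
    unsafe fn dealloc(&self, ptr: *mut u8, layout: Layout) {
        // Every heap block (Vec, String, Box, ...) is freed through here.
        erase_bytes(ptr, layout.size());
        ERASED_BYTES.fetch_add(layout.size(), Ordering::Relaxed);
        System.dealloc(ptr, layout);
    }
}

#[global_allocator]
static GLOBAL: ErasingAlloc = ErasingAlloc;

/// Copy `secret` into a Vec, drop it, and return how many heap bytes were
/// erased meanwhile (at least `secret.len()`, more if other frees interleave).
pub fn bytes_erased_by_dropping(secret: &[u8]) -> usize {
    let before = ERASED_BYTES.load(Ordering::Relaxed);
    drop(secret.to_vec());
    ERASED_BYTES.load(Ordering::Relaxed) - before
}

fn main() {
    let mut key = [0xAAu8; 16]; // constructed stack-resident "key"
    erase_slice(&mut key);
    println!("{} heap bytes erased; key = {:?}", bytes_erased_by_dropping(b"secret"), key);
}
```

Note that the stack array is only cleared because `erase_slice` is called explicitly; dropping it would leave the bytes in place, exactly the limitation the list above describes.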
This crate is in a beta state, so be careful if you use it!