Cryptographic Buffer Sanitization with Stack-Allocated Memory

Snippet

Cryptographic Buffer Sanitization with Stack-Allocated Memory

When handling sensitive data, relying on the Garbage Collector is insufficient. Using 'stackalloc' creates a buffer on the stack, and 'buffer.Clear()' ensures that secrets are wiped from memory immediately after use, reducing the attack surface for memory dumps.

snippet.cs

csharp

public void ProcessSecureData(ReadOnlySpan<char> sensitive)
{
    Span<byte> buffer = stackalloc byte[sensitive.Length * 2];
    try
    {
        // Perform cryptographic operations
        System.Text.Encoding.UTF8.GetBytes(sensitive, buffer);
        PerformOperation(buffer);
    }
    finally
    {
        // Overwrite memory to prevent data leakage after method returns
        buffer.Clear();
    }
}

Breakdown

stackalloc byte[...]

Allocates memory on the stack, avoiding heap tracking and GC overhead.

buffer.Clear()

Zeroes out the memory range to sanitize sensitive leftovers.

Previous snippet Next snippet

More Expert C# exercises →

From your library

Cryptographic Buffer Sanitization with Stack-Allocated Memory

Related