none
How to remove XmlDocument from memory (so that the content isn't in memory at all)? RRS feed

  • Question

  • Hi,

    I have some code that contains sensible data in the System.Xml.XmlDocument. When I'm done with the XmlDocument I need to remove it from memory (wipe) so that the sensible data isn't available at all. Kinda like the System.Security.SecureString can be disposed. 

    Any suggestions on how to do this?

    -- 
    Werner

    Wednesday, April 27, 2011 7:33 PM

Answers

  •  

    Hi Werner,

     

    String Class is a little special because the class is called immutable(read-only).

    A String object is called immutable (read-only), because its value cannot be modified after it has been created. Methods that appear to modify a String object actually return a new String object that contains the modification.

    Because strings are immutable, string manipulation routines that perform repeated additions or deletions to what appears to be a single string can extract a significant performance penalty.

    But XmlDocument Class is not. So you can use GC.Collect to collect instance of XmlDocument class and use Dispose to release unmanaged resource wrapped to it.

     

    Sincerely,


    Paul Zhou [MSFT]
    MSDN Community Support | Feedback to us
    Get or Request Code Sample from Microsoft
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Monday, May 2, 2011 4:03 AM
  • I suggest to call doc.RemoveAll() which removes all nodes then set doc = null. And force a Garbage collection by calling GC.Collect()
    - Rajesh K http://thoughtsontechies.blogspot.com/
    Monday, May 2, 2011 5:37 AM

All replies

  •  

    Hi Werner,

     

    I think that it is not necessary to worry about the security problem. GC help us do that. For managed objects, GC will collect unreachable objects in GC heap and help to dispose unmanaged resource by calling finalize method. if you want to force to collect them, you can call GC.Collect() or Dispose() method.


    Paul Zhou [MSFT]
    MSDN Community Support | Feedback to us
    Get or Request Code Sample from Microsoft
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Friday, April 29, 2011 10:41 AM
  •  

    Hi Werner,

     

    I think that it is not necessary to worry about the security problem. GC help us do that. For managed objects, GC will collect unreachable objects in GC heap and help to dispose unmanaged resource by calling finalize method. if you want to force to collect them, you can call GC.Collect() or Dispose() method.


    Paul Zhou [MSFT]
    MSDN Community Support | Feedback to us
    Get or Request Code Sample from Microsoft
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.


    Hi Paul,

    Thanks for your answer. However if you take a look at this link it says:

    "An instance of the System.String class is both immutable and, when no longer needed, cannot be programmatically scheduled for garbage collection; that is, the instance is read-only after it is created and it is not possible to predict when the instance will be deleted from computer memory. Consequently, if a String object contains sensitive information such as a password, credit card number, or personal data, there is a risk the information could be revealed after it is used because your application cannot delete the data from computer memory."

    So in other words, if not explicitly removed from memory, the data can be retrieved. Or at least that's how I interpret it. And the data my XmlDocument is holding is credit card data and such - so I need it to dissapear from memory when I'm done processing the xml.

    I'm thinking that perhaps I could just write the XmlDocument with random data and that way clear the memory of the sensible data?

    --
    Werner

    Friday, April 29, 2011 11:35 AM
  • For sensitive data you might consider SecureString class or ProtectedMemory 
    Please remember to mark the replies as answers if they help
    Friday, April 29, 2011 11:52 AM
  • For sensitive data you might consider SecureString class or ProtectedMemory 
    Please remember to mark the replies as answers if they help


    You are missing some vital information from my original question. I'm dealing with sensitive data in an XmlDocument, not a string. I can't use xpaths against a SecureString right? :)

    The comparasing to the SecureString I made in my reply to Paul was just to backup my concerns that data awaiting the GC actually can be picked up by hackers and such.

    --
    Werner



    Friday, April 29, 2011 12:29 PM
  •  

    Hi Werner,

     

    String Class is a little special because the class is called immutable(read-only).

    A String object is called immutable (read-only), because its value cannot be modified after it has been created. Methods that appear to modify a String object actually return a new String object that contains the modification.

    Because strings are immutable, string manipulation routines that perform repeated additions or deletions to what appears to be a single string can extract a significant performance penalty.

    But XmlDocument Class is not. So you can use GC.Collect to collect instance of XmlDocument class and use Dispose to release unmanaged resource wrapped to it.

     

    Sincerely,


    Paul Zhou [MSFT]
    MSDN Community Support | Feedback to us
    Get or Request Code Sample from Microsoft
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Monday, May 2, 2011 4:03 AM
  • I suggest to call doc.RemoveAll() which removes all nodes then set doc = null. And force a Garbage collection by calling GC.Collect()
    - Rajesh K http://thoughtsontechies.blogspot.com/
    Monday, May 2, 2011 5:37 AM
  • I suggest to call doc.RemoveAll() which removes all nodes then set doc = null. And force a Garbage collection by calling GC.Collect()
    - Rajesh K http://thoughtsontechies.blogspot.com/
    Actually working in one of the project we found a leak with xmldocument in .NET compact framework running on wince OS. (our xml doc was 5mb in size and remained part of application memory even after xmldom going out of local scope and the above approach fixed that issue)
    - Rajesh K http://thoughtsontechies.blogspot.com/
    Monday, May 2, 2011 5:39 AM
  • I suggest to call doc.RemoveAll() which removes all nodes then set doc = null. And force a Garbage collection by calling GC.Collect()
    - Rajesh K http://thoughtsontechies.blogspot.com/


    Thanks all, I'll go with Rajesh approach and combine clearing the data before calling the GC.

    --
    Werner

    Monday, May 2, 2011 6:14 AM