Copy data from queue and wipe?

Hi!

I can see that data is still in the queue buffer even after the client has read it.
Does it make sense to wipe it?
And maybe it makes sense to disable the QueuePeek API.

The main idea is to limit all places where temporary (sensitive) data is available for longer than it really needs to be.

Regards, Eugene

	( void ) memcpy( ( void * ) pvBuffer, ( void * ) pxQueue->u.xQueue.pcReadFrom, ( size_t ) pxQueue->uxItemSize ); /*lint !e961 !e418 !e9087 MISRA exception as the casts are only redundant for some ports.  Also previous logic ensures a null pointer can only be passed to memcpy() when the count is 0.  Cast to void required by function signature and safe as no alignment requirement and copy length specified in bytes. */

#if ( configUSE_QUEUE_STORAGE_WIPE == 1 )
( void ) memset( ( void * ) pxQueue->u.xQueue.pcReadFrom, 0x00, ( size_t ) pxQueue->uxItemSize ); // wipe
#endif // #if ( configUSE_QUEUE_STORAGE_WIPE == 1 )
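The wipe-on-read idea from the post above, as an added self-contained example that is not part of the original post and is not FreeRTOS code. It assumes a simplified queue model (`model_queue_t`, the `mq_*` functions and `secure_wipe` are hypothetical names) and uses a volatile byte loop in place of the post's `memset()`; it also shows that a peek cannot wipe, because the item has not been consumed yet.

```c
#include <stdint.h>
#include <string.h>

#define ITEM_SIZE 16u /* constructed sizes for this model */
#define QUEUE_LEN 4u
/* Simplified model of a fixed-size item queue; not the FreeRTOS queue type. */
typedef struct {
    uint8_t storage[QUEUE_LEN][ITEM_SIZE];
    size_t read_idx, write_idx, count;
} model_queue_t;

/* Wipe through a volatile pointer so the compiler cannot drop the stores. */
static void secure_wipe(void *p, size_t n) {
    volatile uint8_t *v = (volatile uint8_t *)p;
    while (n--) *v++ = 0;
}
int mq_send(model_queue_t *q, const void *item) {
    if (q->count == QUEUE_LEN) return 0;
    memcpy(q->storage[q->write_idx], item, ITEM_SIZE);
    q->write_idx = (q->write_idx + 1u) % QUEUE_LEN; q->count++;
    return 1;
}
/* Peek does not consume, so the slot must stay intact: no wipe here. */
int mq_peek(const model_queue_t *q, void *out) {
    if (q->count == 0) return 0;
    memcpy(out, q->storage[q->read_idx], ITEM_SIZE);
    return 1;
}
/* Receive consumes the item, then wipes the slot it occupied. */
int mq_receive(model_queue_t *q, void *out) {
    if (q->count == 0) return 0;
    memcpy(out, q->storage[q->read_idx], ITEM_SIZE);
    secure_wipe(q->storage[q->read_idx], ITEM_SIZE);
    q->read_idx = (q->read_idx + 1u) % QUEUE_LEN; q->count--;
    return 1;
}
/* Residue check: number of non-zero bytes left in queue storage. */
size_t mq_residue(const model_queue_t *q) {
    const uint8_t *p = (const uint8_t *)q->storage;
    size_t n = 0, i;
    for (i = 0; i < sizeof q->storage; i++) n += (p[i] != 0);
    return n;
}
int main(void) {
    static model_queue_t q;               /* static storage: zero-initialised */
    uint8_t item[ITEM_SIZE] = "constructed-key", out[ITEM_SIZE];
    mq_send(&q, item);
    mq_peek(&q, out);                     /* storage still holds the item */
    mq_receive(&q, out);                  /* slot is wiped after the copy */
    return (int)mq_residue(&q);           /* 0 means nothing was left behind */
}
```

The receiver's own copy in `out` is outside the queue and still has to be wiped by the caller once it is no longer needed.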

This looks like a simple feature to add - but queues are not the only place where data is stored so we could make it a more generic function that covers stream buffers as well.

Additionally - as per this thread, "Automatic wiping of task's stack" - perhaps using the memory protection unit would be a better solution, as if all your tasks run unprivileged then only the kernel would be able to access data stored within a queue.

Hi!

I am just trying to find places where temporary sensitive data might live for a long time.
Due to common security paranoia, all temporary buffers/data must be wiped ASAP after usage.

Regards, Eugene

As memory is usually zeroized when allocated by malloc()-like APIs, and also when returned back by free().