Did you *really* zeroize that key?
Bill Sommerfeld
sommerfeld at orchard.arlington.ma.us
Fri Nov 8 10:19:39 EST 2002
[cc's pruned]
> static void
> burn_stack (int bytes)
> {
> char buf[64];
>
> memset (buf, 0, sizeof buf);
> bytes -= sizeof buf;
> if (bytes > 0)
> burn_stack (bytes);
> }
This may also not quite do what you think:
1) burn_stack() may reasonably be made tail-recursive by a
sufficiently agressive compiler, if the memset is inlined and is then
recognized as a bunch of dead stores.
2) even if it doesn't get tail-call treatment, some ABI's require
largeish alignment for stack frames or define a fixed component to the
stack frame and then don't fill in the unused stack slots; either of
these may leave a good size chunk of the stack unwritten.
- Bill
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list