Did you *really* zeroize that key?

[bear]

I remember this issue from days when I wrote modem drivers.
I had a fight with a compiler vendor over the interpretation
of "volatile".

They agreed with me that "volatile" meant that all *writes*
to the memory had to happen as directed; but had taken the
approach that *reads* of volatile memory could be optimized
away if the program didn't do anything with the values read.

This doesn't work with the UARTs that I was coding for at the
time, because on those chips, *reads* have side effects on
the state of the chip.  If a read of the status register
doesn't happen, then subsequent writes to the data buffer will
not trigger a new transmit.

The compiler vendor had not foreseen a situation in which
reads might have side effects, and so the compiler didn't
work for that task. I wound up using a different compiler.

Although the bastards never admitted to me that they were wrong,
I noted that in their next patch release, it was listed number
one in the list of critical bugfixes.

				Bear
	(who now notes that the company is no longer extant)



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com