Did you *really* zeroize that key?
bear
bear at sonic.net
Fri Nov 8 11:36:56 EST 2002
I remember this issue from days when I wrote modem drivers.
I had a fight with a compiler vendor over the interpretation
of "volatile".
They agreed with me that "volatile" meant that all *writes*
to the memory had to happen as directed; but had taken the
approach that *reads* of volatile memory could be optimized
away if the program didn't do anything with the values read.
This doesn't work with the UARTs that I was coding for at the
time, because on those chips, *reads* have side effects on
the state of the chip. If a read of the status register
doesn't happen, then subsequent writes to the data buffer will
not trigger a new transmit.
The compiler vendor had not foreseen a situation in which
reads might have side effects, and so the compiler didn't
work for that task. I wound up using a different compiler.
Although the bastards never admitted to me that they were wrong,
I noted that in their next patch release, it was listed number
one in the list of critical bugfixes.
Bear
(who now notes that the company is no longer extant)
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list