More on in-memory zeroisation
Florian Weimer
fw at deneb.enyo.de
Mon Dec 10 11:50:07 EST 2007
* Thierry Moreau:
> Peter Gutmann wrote:
>
>> There was a discussion on this list a year or two back about problems in using
>> memset() to zeroise in-memory data, specifically the fact that optimising
>> compilers would remove a memset() on (apparently) dead data in the belief that
>> it wasn't serving any purpose.
>>
>
> Then, s/memset(?,0,?)/(memset)(?,0,?)/ to get rid of compiler in-lining.
>
> Ref: ANSI X3.159-1989, section 4.1.6 (Use of C standard library functions)
This isn't true; inlining of standard library functions is always
permitted under the as-if rule.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list