More on in-memory zeroisation
Dave Korn
dave.korn at artimi.com
Mon Dec 10 13:29:20 EST 2007
On 09 December 2007 06:16, Peter Gutmann wrote:
> Reading through "Secure Programming with Static Analysis", I noticed an
> observation in the text that newer versions of gcc such as 3.4.4 and 4.1.2
> treat the pattern:
>
> "memset(?, 0, ?)"
>
> differently from any other memset in that it's not optimised out.
> Can anyone who knows more about gcc development provide more insight on
> this? Could it be made an official, supported feature of the compiler?
I'm sure it could; why not raise it on the GCC mailing list? It sounds like
all it would involve would be a patch to the documentation and maybe a comment
in the source.
cheers,
DaveK
--
Can't think of a witty .sigline today....
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list