More on in-memory zeroisation
Dave Korn
dave.korn at artimi.com
Fri Dec 14 11:09:17 EST 2007
I've been through the code. As far as I can see, there's nothing in
expand_builtin_memset_args that treats any value differently, so there can't be
anything special about memset(x, 0, y). Also as far as I can tell, gcc doesn't
optimise out calls to memset, not even thoroughly dead ones: for example -
/artimi/software/firmware $ cat memstst.c
#include <string.h>
int foo (void);
int main (int argc, const char **argv)
{
int var[100];
memset (var, 0, sizeof var);
foo ();
return 0;
}
int foo (void)
{
int var[100];
memset (var, 0, sizeof var);
return 0;
}
/artimi/software/firmware $ gcc -O2 memstst.c -o mt
/artimi/software/firmware $ gcc -O2 memstst.c -S -o memstst.s
/artimi/software/firmware $ grep memset memstst.s
call _memset
call _memset
.def _memset; .scl 3; .type 32; .endef
/artimi/software/firmware $
This is not entirely unexpected; memset, even when expanded inline as a
builtin, still has libcall behaviour.
cheers,
DaveK
--
Can't think of a witty .sigline today....
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list