[Cryptography] [Crypto-practicum] Secure erasure in C.

Ray Dillinger bear at sonic.net
Wed Sep 7 21:09:10 EDT 2016



On 09/07/2016 05:27 PM, Ron Garret wrote:
> On Sep 7, 2016, at 5:08 PM, Ray Dillinger <bear at sonic.net> wrote:
>> On 09/07/2016 04:23 PM, Ron Garret wrote:

>>> void erase(volatile char *buf, size_t len) {
>> ....
>>
>> everything that starts with this line doesn't work, because
>> passing a (non-volatile) 'char *' to a 'volatile char *' is
>> an error.  Something can't be made volatile by a cast; it
>> can only be done when declaring the variable (or buffer).
> 
> OK, so then why not:
> 
> void erase_non_volatile(char* buf, size_t len) {
>   volatile char* buf1 = buf;
>   erase(buf1, len);
> }

You can initialize a volatile pointer from a non-volatile
pointer, but that's because the pointer itself is volatile
when created.  You want to initialize a pointer at a
volatile _object_ from a pointer at a non-volatile _object_,
which is different.

I don't think that's allowed unless the non-volatile
object is 'static' in the first place, like a procedure
or a static variable.  IME nothing can become 'volatile'
unless its location can be fixed at compile time.  But
now I have to go read the standard again because I may
be remembering that incorrectly.  It would be very nice
if it's allowed.

				Bear
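Added example, not code from the thread: the minimal volatile-pointer erase routine the thread is discussing, called on an ordinary (non-volatile) stack array and on a heap buffer, to show what the conversion at the call site looks like in working code. C permits a `char *` to be converted to `volatile char *` implicitly, because adding a qualifier to the pointed-to type is an allowed implicit pointer conversion (C11 6.3.2.3 paragraph 2), so no cast and no wrapper are needed. The function names `handle_stack_secret`, `handle_heap_secret` and `is_zeroed` and the `'K'`/`'S'` fill bytes are constructed for this example only.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Erase len bytes through a volatile-qualified pointer. Accesses through a
 * volatile lvalue are observable behaviour, so the optimizer may not drop
 * these stores as "dead" the way it may drop a trailing memset() on a
 * buffer that is never read again. */
void erase(volatile char *buf, size_t len)
{
    while (len--) {
        *buf++ = 0;
    }
}

/* Return 1 if every byte of buf is zero, else 0. Accumulates with OR so the
 * check runs over the whole buffer regardless of where a nonzero byte sits. */
int is_zeroed(const char *buf, size_t len)
{
    unsigned char acc = 0;
    for (size_t i = 0; i < len; i++) {
        acc |= (unsigned char)buf[i];
    }
    return acc == 0;
}

/* Stack case: a plain (non-volatile) automatic array. The array decays to
 * char * and that char * is converted to volatile char * at the call site
 * without a cast (C11 6.3.2.3p2). Returns 1 if the buffer held nonzero
 * data before the erase and is all zeros afterwards. */
int handle_stack_secret(void)
{
    char key[32];                        /* ordinary automatic object */
    memset(key, 'K', sizeof key);        /* constructed stand-in for key bytes */
    int had_data = !is_zeroed(key, sizeof key);
    erase(key, sizeof key);              /* char[32] -> char * -> volatile char * */
    return had_data && is_zeroed(key, sizeof key);
}

/* Heap case: a buffer whose address is only known at run time. The same
 * implicit conversion applies to the malloc()ed pointer. Returns 1 on the
 * same condition as above, 0 if allocation fails. */
int handle_heap_secret(size_t len)
{
    char *secret = malloc(len);
    if (secret == NULL) {
        return 0;
    }
    memset(secret, 'S', len);            /* constructed stand-in for secret bytes */
    int had_data = !is_zeroed(secret, len);
    erase(secret, len);                  /* char * -> volatile char *, no cast */
    int ok = had_data && is_zeroed(secret, len);
    free(secret);
    return ok;
}

int main(void)
{
    printf("stack erase: %s\n", handle_stack_secret() ? "ok" : "FAILED");
    printf("heap erase:  %s\n", handle_heap_secret(64) ? "ok" : "FAILED");
    return 0;
}
```

This compiles without diagnostics under `-Wall -Wextra -pedantic`; the qualifier is added on the pointed-to type at the call, not on the object's declaration, which is what makes the volatile stores survive dead-store elimination. The caveat a practitioner should keep in mind is that this only addresses the elided-memset problem: it does nothing about copies of the secret the compiler may have spilled to registers or other stack slots, and on platforms that provide them, `memset_s` (C11 Annex K) or `explicit_bzero` express the same intent without relying on this idiom.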
