tech-security archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: crypto_memset (was: Re: Zero it if you're going to copy it out.)
On 22.07.2012 23:15, Matthew Mondor wrote:
> On Sun, 22 Jul 2012 19:37:26 +0200
> Alan Barrett <apb%cequrux.com@localhost> wrote:
>
>> errno_t
>> memset_s(void *s, rsize_t smax, int c, rsize_t n);
>
> Is there an issue if using something such as the following:
>
> void *explicit_memset(void *, size_t, int);
> void explicit_bzero(void *, size_t);
>
> To remain compatible with memset(3)/bzero(3) (or macros
> EXPLICIT_MEMSET, EXPLICIT_BZERO with the same signature)?
I agree, and they can be used in future implementations of memset_s()
when adding runtime constraints.
Using memset_s() (in a manner as expected by the standard) requires
more heavy code changes. Having explicit_memset/bzero functions that
respect memset/bzero prototypes is still a plus IMHO.
My 2 cents, for what they're worth...
--
Jean-Yves Migeon
jeanyves.migeon%free.fr@localhost
Home |
Main Index |
Thread Index |
Old Index