Source-Changes-D archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: CVS commit: src
On Thu, Aug 30, 2012 at 07:03:43PM +0000, Taylor R Campbell wrote:
> 
> The issue with memset isn't timing attacks, but rather that the C
> compiler is likely to optimize away the apparently useless memset from
> code that looks like this, and thereby leave keys floating about in
> RAM:
> 
> {
>         char key[32];
> 
>         fetch_key(key);
>         do_sekrit_stuff_with_key(key);
>         memset(key, 0, sizeof key);
> }
> 
> Hence explicit_{bzero,memset}, not consttime_{bzero,memset}, which are
> supposed to be guaranteed not to be optimized away.
Which means that it shpuld be enough to add (with gcc):
        asm volatile ("" ::: "memory");
after the memset().
        David
-- 
David Laight: david%l8s.co.uk@localhost
Home |
Main Index |
Thread Index |
Old Index