Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 19 May 2014 18:45:08 +0200
From: Daniel Cegiełka <>
Subject: Re: thoughts on reallocarray, explicit_bzero?

2014-05-19 18:25 GMT+02:00 Szabolcs Nagy <>:

> i don't see how the openbsd explicit_bzero stops the
> compiler to do optimizations..
> (i guess they rely on that their gcc does not do lto
> or that libc is dynamic linked and the compiler has no
> 'explicit_bzero' builtin, neither of which is a great
> solution..)
> the usual approach to this is volatile function pointer:
> static void *(*volatile force_memset)(void,int,size_t) = memset;
> in general in c one cannot be sure that the secret bits
> are not leaked somewhere since the languge spec cannot
> give such guarantees
> that said either the volatile funcptr or actually reusing
> the memory such that it cannot be optimized away works in
> practice

first version:

void explicit_bzero(void * const b, const size_t l)
    volatile unsigned char *p = (volatile unsigned char *) b;
    size_t i = (size_t) 0U;

    while (i < l) {
        p[i++] = 0U;

Of course, if someone has better ideas... I'm very curious :)


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.