Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 26 May 2023 22:35:52 +0200
From: Jₑₙₛ Gustedt <>
To: Rich Felker <>
Cc: Joakim Sindholt <>,
Subject: Re: [C23 string conversion 1/3] C23: add the new
 memset_explicit function


on Fri, 26 May 2023 16:16:03 -0400 you (Rich Felker <>)

> We had all of these discussions back when explicit_bzero was added,
> and it was done the way it was done because it's portable (within the
> framework of what musl already requires) and non-arch-specific, has
> zero overhead, avoids any code duplication or bad performance
> open-coding another memset variant,

My impression is that such information is quite difficult to find, but
maybe I didn't search enough. Sometimes code comments would help ;-)

Bad performance really isn't a valid argument in this case. This is
not supposed to be efficient. Any user that uses this has to know that
they are trading it for something.

> and avoids taking part in any security theater (pretending we can
> clear things we can't).

It is not about taking part. For me it is just about offering to our
users the best service for this tricky question that we may, and not


:: ICube :::::::::::::::::::::::::::::: deputy director ::
:: Université de Strasbourg :::::::::::::::::::::: ICPS ::
:: INRIA Nancy Grand Est :::::::::::::::::::::::: Camus ::
:: :::::::::::::::::::::::::::::::::::: ☎ +33 368854536 ::
:: ::

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.