Dead Store Elimination (Still) Considered Harmful http://cseweb.ucsd.edu/~klevchen/yjoll-usesec17.pdf …
-
-
To remove secrets from memory, of course. C gives no good, portable method so you get this.
-
I mean why do ppl still think that works? Haven't compilers optimized this for decades?
-
Sure, but what's the alternative?
-
the only guaranteed one'd be an extension to the language, but... *looks at memset_s*
-
even something like that is no guarantee since the compiler is free to make copies of the data before you wipe it
-
I saw a demo of this (compiler slyly making a copy) a while back but don't have the link handy
-
The best is when the compiler makes a copy for the sole purpose of passing it to explicit_bzero.
-
Ha! I'd love to see an example of that, if you have one handy.
- 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.