Dead Store Elimination (Still) Considered Harmful http://cseweb.ucsd.edu/~klevchen/yjoll-usesec17.pdf …
Replying to @johnregehr
Are ppl still writing dead stores intended to do something? Why?
1 reply 0 retweets 0 likes -
Replying to @RichFelker @johnregehr
To remove secrets from memory, of course. C gives no good, portable method so you get this.
2 replies 0 retweets 0 likes -
Replying to @stevecheckoway @johnregehr
I mean why do ppl still think that works? Haven't compilers optimized this for decades?
2 replies 0 retweets 3 likes -
the only guaranteed one'd be an extension to the language, but... *looks at memset_s*
2 replies 0 retweets 0 likes -
even something like that is no guarantee since the compiler is free to make copies of the data before you wipe it
5 replies 0 retweets 6 likes -
I wonder how much something like Rust exacerbates the situation. You could move a secret into a function and not be able to clear it afterward. (I think.)
1 reply 0 retweets 1 like -
my view is that if you really want to kill that secret it should have been stored in a short-lived process, but I guess that's probably not always realistic
2 replies 0 retweets 2 likes
Rich Felker Retweeted John Regehr
This is generally the right answer. https://twitter.com/johnregehr/status/947207459780755456 …
Replying to @RichFelker @johnregehr and
And what guarantees a process's swap space or memory gets recycled? Mostly idle system, process ran at high water mark...
0 replies 0 retweets 0 likes