[cfe-dev] Security fail (memset being optimized away)

myLC@gmx.de via cfe-dev cfe-dev at lists.llvm.org
Thu Jan 3 08:27:37 PST 2019


On Jan 3 7:53, Paul Anderson wrote:
 > Hi:
 >
 > There's a discussion of this very issue here:
 >
 > https://wiki.sei.cmu.edu/confluence/display/c/MSC06-C.+Beware+of+compiler+optimizations
 >
 > -Paul


Thanks! I just read through it and couldn't really reach a
conclusion. The section above lists non-portable or "clumsy"
solutions.
In the comments, Douglas A. Gwyn suggested a simple:
memset((volatile char *)pwd, 0, sizeof(pwd));

Unless I'm mistaken, this SHOULD work. Then again, it
should also give you a warning...




More information about the cfe-dev mailing list