[cfe-dev] Security fail (memset being optimized away)

Aaron Ballman via cfe-dev cfe-dev at lists.llvm.org
Thu Jan 3 08:37:12 PST 2019


On Thu, Jan 3, 2019 at 11:31 AM Keane, Erich via cfe-dev
<cfe-dev at lists.llvm.org> wrote:
>
> I believe that solution is able to be optimized out as well (see the comment in the C99 solution). memset_s (C11) and SecureZeroMemory (MSVC) are the two standards compliant ways that guarantee they won't be optimized out.

Unfortunately, memset_s() is part of Annex K (which is an optional
Annex that has not been widely adopted) and SecureZeroMemory() is a
Win32-only API. It's too bad that the standard library maintainers
have been so hostile towards Annex K because this is not a trivial
problem to solve in a portable manner without implementation
collusion.

~Aaron

>
> -----Original Message-----
> From: cfe-dev [mailto:cfe-dev-bounces at lists.llvm.org] On Behalf Of myLC at gmx.de via cfe-dev
> Sent: Thursday, January 3, 2019 8:28 AM
> To: cfe-dev at lists.llvm.org
> Subject: [cfe-dev] Security fail (memset being optimized away)
>
> On Jan 3 7:53, Paul Anderson wrote:
>  > Hi:
>  >
>  > There's a discussion of this very issue here:
>  >
>  > https://wiki.sei.cmu.edu/confluence/display/c/MSC06-C.+Beware+of+compiler+optimizations
>  >
>  > -Paul
>
>
> Thanks! I just read through it and couldn't really reach a conclusion. The section above lists non-portable or "clumsy"
> solutions.
> In the comments, Douglas A. Gwyn suggested a simple:
> memset((volatile char *)pwd, 0, sizeof(pwd));
>
> Unless I'm mistaken, this SHOULD work. Then again, it should also give you a warning...
>
>
> _______________________________________________
> cfe-dev mailing list
> cfe-dev at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev



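An added example, not part of the original thread or of any project's code: a C sketch of the options discussed above, using memset_s() where the C library advertises Annex K and otherwise writing each byte through a volatile-qualified lvalue. The names secure_zero, count_nonzero and demo_wipe and the sample secret are assumptions made for illustration.

```c
#define __STDC_WANT_LIB_EXT1__ 1 /* request Annex K from <string.h>, if offered */
#include <stddef.h>
#include <string.h>

/* Hypothetical helper: clear n bytes at p so the stores are not dropped as dead. */
static void secure_zero(void *p, size_t n)
{
#if defined(__STDC_LIB_EXT1__)
    /* Annex K is available: memset_s is specified so the call is not elided. */
    (void)memset_s(p, n, 0, n);
#else
    /* Fallback: each store is an access through a volatile lvalue, which
     * mainstream compilers keep. Note the difference from
     *   memset((volatile char *)pwd, 0, sizeof(pwd));
     * memset takes a plain void *, so that cast is discarded at the call
     * (hence the warning) and the stores inside memset are not volatile. */
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--)
        *vp++ = 0;
#endif
}

/* Returns how many of the n bytes at p are still non-zero. */
static size_t count_nonzero(const unsigned char *p, size_t n)
{
    size_t left = 0;
    for (size_t i = 0; i < n; i++)
        left += (p[i] != 0);
    return left;
}

/* Constructed demo: a local secret that is wiped before the function returns. */
static size_t demo_wipe(void)
{
    char pwd[32];
    strcpy(pwd, "constructed-sample-secret"); /* constructed sample value */
    /* In real code nothing reads pwd after this point, which is exactly what
     * allows a plain memset(pwd, 0, sizeof pwd) to be removed. */
    secure_zero(pwd, sizeof pwd);
    /* The read-back below exists only so the result can be checked. */
    return count_nonzero((const unsigned char *)pwd, sizeof pwd);
}

int main(void)
{
    return demo_wipe() == 0 ? 0 : 1;
}
```

To see whether the wipe survives optimization in a real build, compile the function that owns the secret with optimization enabled and inspect the generated assembly for the stores.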