[cfe-dev] Security fail (memset being optimized away)
Keane, Erich via cfe-dev
cfe-dev at lists.llvm.org
Thu Jan 3 08:45:53 PST 2019
In my experience, most of the assumptions PEOPLE make about what Volatile means is incorrect. The compiler is doing what it is allowed to.
Check out: http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2018/p1152r0.html
JF's paper has a pretty solid explanation of what volatile really means (as well as ways we can fix it).
-----Original Message-----
From: cfe-dev [mailto:cfe-dev-bounces at lists.llvm.org] On Behalf Of myLC at gmx.de via cfe-dev
Sent: Thursday, January 3, 2019 8:43 AM
To: cfe-dev at lists.llvm.org
Subject: [cfe-dev] Security fail (memset being optimized away)
On Jan 3 8:31, Keane Erich wrote:
> I believe that solution is able to be optimized out as well > (see the comment in the C99 solution).
> memset_s (C11) and SecureZeroMemory (MSVC) are the two > standards compliant ways that guarantee they won't be > optimized out.
It doesn't quench my curiosity, though. ;-) What about other (your own) functions?
Isn't it a bug, if a compiler takes false assumptions on volatiles? This would mean that it doesn't work, even though it really should (which, of course, is of little help in the real world).
_______________________________________________
cfe-dev mailing list
cfe-dev at lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
More information about the cfe-dev
mailing list