Compiler optimizing out clearing of sensitive buffers #418

issue llamasoft openend this issue on September 19, 2016
  1. llamasoft commented at 3:27 pm on September 19, 2016: contributor

    As noted from Issue #414, it appears that compilers are optimizing out the clearing of sensitive memory.
    There are a few ways to work around these shortcomings, discussed in CWE-14 and MSC06-C.

    Options include:

    • Casting to volatile during assignment
    • Rolling your own memset_s or using C11’s version
    • Temporarily disabling optimization using #pragma (probably not portable)
  2. gmaxwell cross-referenced this on May 29, 2019 from issue Unused var assignment (scan-build warning) by rustyrussell
  3. real-or-random commented at 3:10 pm on May 30, 2019: contributor
    I think this is a duplicate of #185.
  4. gmaxwell closed this on May 30, 2019


github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin-core/secp256k1. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-10-30 07:15 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me