On Monday 14 June 2004 13:31, [EMAIL PROTECTED] wrote: > Ben Laurie wrote: > > In OpenSSL we overwrite with random gunk for this reason. > > What? No compiler is smart enough to say, "The program > sets these variables but they are never referenced again. > I'll save time and not set them."
Most modern compilers can do flow analysis. The common case is that the variable is a local variable in some function, and even very simplistic flow analysis will detect the case that a variable is "dead", i.e. that its value will never be used. All operations on a dead variable, like overwriting its value will be removed by the compiler. The same is true for instance variables in most object-oriented languages. Ernst Lippe --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]