--- Comment #7 from Kangjie Lu <kjlu at gatech dot edu> ---
(In reply to Andrew Pinski from comment #6)
> >More information can be found in our research paper: 
> >
> You research paper is wrong and does not consider C is an inherently
> insecure language to be begin with.  There are many other things wrong with
> it.  Like for an example recommending the use of memset when you want to
> hide the stores from the compiler.  There is already a thread on the glibc
> mailing list about this exact thing about adding a secure memset which is
> GCC is not going to optimize away.

Thanks for your feedback. 
We do think C is not safe language and that's why we want to secure programs 
written in C.
Could you provide me more information about the thread. We use LLVM instead
of GCC. Our instrumentation is inserted after optimization passes.


Reply via email to