On Monday 15 September 2014 08:16:27 William Orr wrote: > Hey, Hi, > I was looking through the source of ssh_string_burn, and I was wondering > what guarantees there were to ensure it doesn't get optimized out. > > Now, the new C11 memset_s(3) can be used to make those guarantees on > platforms that have a new enough libc. Other platforms offer an > explicit_bzero(3) function with that guarantee.
thanks for bringing this up! Fixed with the latest commit to the master and
0.6 branch.
-- andreas
--
Andreas Schneider GPG-ID: CC014E3D
www.cryptomilk.org [email protected]
signature.asc
Description: This is a digitally signed message part.
