[EMAIL PROTECTED] wrote:
Ben Laurie wrote:
In OpenSSL we overwrite with random gunk for this reason.
What? No compiler is smart enough to say, The program
sets these variables but they are never referenced again.
I'll save time and not set them.
Sure it is, here's gcc -O3:
main()
{
int
Ben Laurie wrote:
In OpenSSL we overwrite with random gunk for this reason.
What? No compiler is smart enough to say, The program
sets these variables but they are never referenced again.
I'll save time and not set them.
-
On Mon, Jun 14, 2004 at 11:31:23AM +, [EMAIL PROTECTED] wrote:
Ben Laurie wrote:
In OpenSSL we overwrite with random gunk for this reason.
What? No compiler is smart enough to say, The program
sets these variables but they are never referenced again.
I'll save time and not set them.
On Monday 14 June 2004 13:31, [EMAIL PROTECTED] wrote:
Ben Laurie wrote:
In OpenSSL we overwrite with random gunk for this reason.
What? No compiler is smart enough to say, The program
sets these variables but they are never referenced again.
I'll save time and not set them.
Most modern
What? No compiler is smart enough to say, The program
sets these variables but they are never referenced again.
I'll save time and not set them.
Given the semantics of C pointers, and multiple compilation units, the
answer to your question is probably not in non-research use.
/r$
--
Really, a red page needs to be red all the way through all levels of
virtualization. Very low level, or even hardware, support might even prove
useful - e.g., if for whatever reason the data in the physical page frame
needs to be copied (after a soft ECC error?), zero the previous page
And of course, the article didn't get it right. Because of optimizing
compilers, it is *not* trivial to zero passwords.
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]