[gnutls-devel] GnuTLS | gnutls_memset: use explicit_bzero (d087db43)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Wed Aug 8 15:08:54 CEST 2018
Nikos Mavrogiannopoulos commented on a discussion on lib/safe-memfuncs.c:
> * This function will operate similarly to memset(), but will
> * not be optimized out by the compiler.
> *
> - * Returns: void.
> - *
> * Since: 3.4.0
> **/
> void gnutls_memset(void *data, int c, size_t size)
> {
> - volatile unsigned volatile_zero = 0;
> + volatile unsigned volatile_zero;
> volatile char *vdata = (volatile char*)data;
> +#ifdef HAVE_EXPLICIT_BZERO
> + if (c == 0) {
> + explicit_bzero(data, size);
According to manpage:
```
It differs from bzero() in that it guarantees that compiler optimizations will not remove the erase operation if the compiler deduces that the operation is "unnecessary".
```
Implementation wise it adds a barrier after memset().
https://code.woboq.org/userspace/glibc/string/explicit_bzero.c.html
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/commit/d087db43e07c9b9df115ae9467bede5fa796c302#note_93287236
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20180808/0a94e9cf/attachment-0001.html>
More information about the Gnutls-devel
mailing list