Am Donnerstag, 14. April 2016, 15:25:17 schrieb Tudor-Dan Ambarus:
Hi Tudor,
> >
> > > +{
> > > + if (key->d) {
> > > + memset(key->d, '\0', key->n_sz);
> >
> > memzero_explicit, please
>
> I don't think this is really needed. memzero_explicit is used only on stack
> variables that get cleared just before they go out of scope.
Are you so sure that a compiler is not getting smart on seeing a memset
followed by a free without marking the pointer as volatile? You free the
pointer immediately after memset(). I would not want to bet anything that a
compiler would leave the memset for non-volatile pointers.
Besides, memzero_expicit does not cost anything -- it does not add any
instruction but convinces the compiler to not optimize it away.
Ciao
Stephan
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
