moving to tech@

---------- Forwarded message ---------
From: Philipp Klaus Krause <p...@spth.de>
Date: Mon, Aug 10, 2020 at 4:34 AM
Subject: explicit_bzero vs. alternatives
To: <m...@openbsd.org>

OpenBSD has the explicit_bzero function to reliably (i.e. even if not observable in the C abstract machine) overwrite memory with zeroes.

WG14 is currently considering adding similar functionality to C2X. Considered options include:

* A function like explicit_bzero or memset_explicit, that overwrites the memory with a known value.
* A function like memclear, that overwrites the memory in an implementation-defined manner, possibly using random data.

Is there a rationale why OpenBSD went with their explicit_bzero design? Were alternatives considered and rejected?

Philipp
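
The two interface shapes listed in the message, sketched in C as an added example (not part of the original e-mail, and not OpenBSD's or WG14's code). The `demo_*` names, the volatile-store technique and the 0xA5 fill pattern are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Option 1 shape: overwrite with a value the caller knows.
 * Hypothetical sketch: stores go through a volatile-qualified lvalue,
 * a widely used way to keep compilers from treating them as dead stores. */
void *demo_memset_explicit(void *s, int c, size_t n)
{
    volatile unsigned char *p = s;
    while (n--)
        *p++ = (unsigned char)c;
    return s;
}

/* Option 2 shape: overwrite in a manner the caller must not rely on.
 * This sketch picks a fixed pattern; random data would fit the same
 * interface. */
void demo_memclear(void *s, size_t n)
{
    (void)demo_memset_explicit(s, 0xA5, n);
}

/* Helper for inspecting a buffer after a wipe. */
int demo_all_bytes_equal(const void *s, int c, size_t n)
{
    const unsigned char *p = s;
    while (n--)
        if (*p++ != (unsigned char)c)
            return 0;
    return 1;
}

int main(void)
{
    unsigned char key[16];

    memcpy(key, "constructed-key!", sizeof key);   /* constructed sample */
    /* A plain memset(key, 0, sizeof key) before the buffer goes out of
     * scope has no effect observable in the abstract machine, so an
     * optimizer may remove it. */
    demo_memset_explicit(key, 0, sizeof key);
    printf("known value: all zero = %d\n",
           demo_all_bytes_equal(key, 0, sizeof key));

    memcpy(key, "constructed-key!", sizeof key);
    demo_memclear(key, sizeof key);
    /* Only "the old contents are gone" may be assumed here. */
    printf("memclear: secret gone = %d\n",
           memcmp(key, "constructed-key!", sizeof key) != 0);
    return 0;
}
```

With the first shape a caller can depend on the resulting bytes, for instance to reuse a zeroed structure; with the second, only on the previous contents being gone.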