zero-ing is not enough

Dominikus Dittes Scherkl via Digitalmars-d digitalmars-d at puremagic.com
Tue Sep 9 09:33:17 PDT 2014


On Tuesday, 9 September 2014 at 14:42:14 UTC, David Nadlinger 
wrote:
> On Tuesday, 9 September 2014 at 07:09:52 UTC, bearophile wrote:
>> John Colvin:
>>
>>> http://www.daemonology.net/blog/2014-09-06-zeroing-buffers-is-insufficient.html
>>>
>>> D could incorporate something like this, no?
>>
>> See:
>> https://d.puremagic.com/issues/show_bug.cgi?id=10661
>>
>> Walter seems OK with adding something like that to the D 
>> intrinsics.
>
> Nope, the article is about something different. Quote: "With a 
> bit of care and a cooperative compiler, we can zero a buffer — 
> but that's not what we need."
>
Yeah. But volatileMemset() is a first step in the right direction.
Maybe we can have an attribute @local that advises the compiler 
not to do any optimization that copies stuff around and that it 
has to clear all used registers at function exit - that would be 
really secure and at the same time convenient for programming 
cryptography.



More information about the Digitalmars-d mailing list