zero-ing is not enough
Dominikus Dittes Scherkl via Digitalmars-d
digitalmars-d at puremagic.com
Tue Sep 9 09:33:17 PDT 2014
On Tuesday, 9 September 2014 at 14:42:14 UTC, David Nadlinger
wrote:
> On Tuesday, 9 September 2014 at 07:09:52 UTC, bearophile wrote:
>> John Colvin:
>>
>>> http://www.daemonology.net/blog/2014-09-06-zeroing-buffers-is-insufficient.html
>>>
>>> D could incorporate something like this, no?
>>
>> See:
>> https://d.puremagic.com/issues/show_bug.cgi?id=10661
>>
>> Walter seems OK with adding something like that to the D
>> intrinsics.
>
> Nope, the article is about something different. Quote: "With a
> bit of care and a cooperative compiler, we can zero a buffer —
> but that's not what we need."
>
Yeah. But volatileMemset() is a first step in the right direction.
Maybe we can have an attribute @local that advises the compiler
not to do any optimization that copies stuff around and that it
has to clear all used registers at function exit - that would be
really secure and at the same time convenient for programming
cryptography.
More information about the Digitalmars-d
mailing list