From RISKS: secret scrubbing code removed by optimizers

Ben Lindstrom mouring at
Fri Nov 8 09:41:56 EST 2002

I know there has been a lot of talk on private OpenBSD lists and it is
being ensured that gcc never removes memset() entries on OpenBSD.

Personally I think if gcc is optimizing it away it is incorrect.  I
believe 3.2+ GCC series supports a flag to leave memsets, but I'm not sure
how widely used 3.2 is.

- Ben

On Fri, 8 Nov 2002, Darren Tucker wrote:

> This showed up in RISKS and no one has mentioned it here yet, so..
> OpenSSH contains lots of code like:
> char *password = read_passphrase(prompt, 0);
> [do stuff]
> memset(password, 0, strlen(password));
> From
> "clearing sensitive information such as encryption keys from memory may
> not work as expected because an optimising compiler removes the memset()
> if it decides it's redundant."
> "When compiled with any level of optimisation using gcc, the key
> clearing call goes away because of dead code elimination."
> --
> Darren Tucker (dtucker at
> GPG Fingerprint D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
>     Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.
> _______________________________________________
> openssh-unix-dev at mailing list
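
The pattern quoted above next to one way to keep the scrub from being optimised away, as an added example that is not part of the original thread and not OpenSSH code. The names secure_scrub, count_nonzero, naive_use and hardened_use and the sample passphrase are made up for the illustration.

```c
#include <stddef.h>
#include <string.h>

static const char SAMPLE[] = "correct horse battery staple"; /* constructed secret */

/* A call through a volatile function pointer cannot be proven to be
 * memset(), so dead-store elimination has to leave the call in place. */
static void *(*const volatile memset_ptr)(void *, int, size_t) = memset;

/* secure_scrub is a hypothetical helper name, not an OpenSSH function. */
void secure_scrub(void *buf, size_t len)
{
    if (buf == NULL || len == 0)
        return;
    memset_ptr(buf, 0, len);
}

size_t count_nonzero(const void *buf, size_t len)
{
    const unsigned char *p = buf;
    size_t n = 0;
    for (size_t i = 0; i < len; i++)
        n += (p[i] != 0);
    return n;
}

/* Pattern from the post: the buffer is never read after the memset(). */
size_t naive_use(void)
{
    char password[64];
    strcpy(password, SAMPLE);
    size_t len = strlen(password);          /* stands in for [do stuff] */
    memset(password, 0, strlen(password));  /* dead store, may be removed */
    return len;
}

/* Hardened form: scrub the whole buffer, not just strlen() bytes, through
 * the volatile pointer. The count only confirms the scrub is correct. */
size_t hardened_use(void)
{
    char password[64];
    strcpy(password, SAMPLE);
    secure_scrub(password, sizeof password);
    return count_nonzero(password, sizeof password);
}

int main(void) { return naive_use() == 0 || hardened_use() != 0; }
```

Whether the compiler kept each scrub is visible by compiling with optimisation and -S and comparing the assembly of naive_use and hardened_use. Where the C library provides explicit_bzero() or memset_s(), those serve the same purpose.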
