From RISKS: secret scrubbing code removed by optimizers
Dan Kaminsky
dan at doxpara.com
Fri Nov 8 13:07:39 EST 2002
Ben Lindstrom wrote:
>I know there has been a lot of talk on private OpenBSD lists and it is
>being ensured that gcc never removes memset() entries on OpenBSD.
>
>Personally I think if gcc is optimizing it away it is incorrect. I
>believe 3.2+ GCC series supports a flag to leave memsets, but I'm not sure
>how usaged 3.2 is.
>
>
Just to be a bit paranoid,
Has somebody actually verified this optimizing behavior in any build
of GCC? Does voliatile actually stop it?
--Dan
More information about the openssh-unix-dev
mailing list