In my blog post yesterday concerning zeroing arrays without interference from compiler optimization I incorrectly claimed that the following code was guaranteed to zero an array on any conforming C compiler:
static void * (* const volatile memset_ptr)(void *, int, size_t) = memset;

static void
secure_memzero(void * p, size_t len)

        (memset_ptr)(p, 0, len);

        uint8_t key[32];


        /* Zero sensitive information. */
        secure_memzero(key, sizeof(key));

While I was correct in stating that the compiler is required to access memset_ptr and is forbidden from assuming that it will not change to point at some other function, I was wrong to conclude that these meant that the compiler could not avoid zeroing the buffer: The requirement to access the memset_ptr function pointer does not equate to a requirement to make a call via that pointer. As "davidtgoldblatt" pointed out on Hacker News, a compiler could opt to load memset_ptr into a register, compare it to memset, and only make the function call if they are unequal, since a call to memset in that place is known to have no observable effect.

In light of this and other observations, I do not believe that there is any way to force a C99 compiler (i.e., one which conforms to the standard but is otherwise free to act as perversely as it wishes) to generate code to zero a specified non-volatile object.

Posted at 2014-09-05 23:05 | Permanent link | Comments
blog comments powered by Disqus

Recent posts

Monthly Archives

Yearly Archives