On Wed, 2002-10-30 at 10:11, Peter Gutmann wrote: > When compiled with any level of optimisation using gcc, the key clearing call > goes away because of dead code elimination (see the MSDN article for more > details on this, which uses VC++ to get the same effect). While you can > kludge enough stuff around a custom memory-clear call to fool the optimiser > (hacks with 'volatile', touching the memory after it's cleared and hoping the > optimiser is fooled, etc etc) there's no guarantee that it'll work for > anything but the compiler(s) you happen to test it with - any future > enhancement to the optimiser may turn it back into a nop. What it really > needs is the addition of a #pragma dont_remove_this_code_you_bastard in the > compiler. Until then, a lot of security code will be affected by this > problem. The off-list discussion about band-aids was fun. Regarding the pragma, it does exist for VC++. #pragma optimize( "", off ) Turns off all optimization. #pragma optimize( "", on ) Restores the optimization settings to the original values. I haven't looked at gcc yet, but even if it had such a #pragma, there is always the issue of developer education. But this is what your post was about I believe... Regards, Frank
This archive was generated by hypermail 2b30 : Thu Oct 31 2002 - 09:16:11 PST