Re: Avoiding stack buffer clear being optimised out

On Wed, 30 Nov 2022 at 16:27, Jonny Grant <jg@xxxxxxxx> wrote:
>
> Hello
>
> Does GCC have a clear way to avoid memset being compiled out by optimiser?
>
> This article came up, so I combined the broken.c with GCC
> gcc -Wall -O2 -o broken broken.c
>
> Note, I've been using gcc for many years, I'm not looking for just tips how to compile code. I only want to discuss this optimiser issue :-)
>
> https://blog.cloudflare.com/the-linux-kernel-key-retention-service-and-why-you-should-use-it-in-your-next-application/
>
> If I modify to clear the buffer, it gets removed by the compiler
>
> The only way I could get it to not remove the memset is by adding another printf, (propagating a return code after checking memset wasn't enough)

This is simpler and works for me, but I'm not sure if it's guaranteed
to always work:

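#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* noinline/noipa stop GCC from seeing into wipe() at the call site,
   so the memset cannot be discarded as a dead store there. */
__attribute__((noinline,noipa))
void wipe(void* p, size_t n)
{
  memset(p, 0, n);
}

static int encrypt(void)
{
    uint8_t key[] = "hunter2";
    printf("encrypting with super secret key: %s\n", key);
    wipe(key, 8);   /* 8 == sizeof key: "hunter2" plus the NUL */
    return 0;
}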

There is discussion of alternatives in
https://www.open-std.org/jtc1/sc22/wg14/www/docs/n1358.pdf (starting
on page 6).

The memset_s function was added to C in Annex K, but most
implementations of the C library do not support Annex K.
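
Added example (not part of the original message, and not code from GCC or
the linked article): two idioms commonly used to keep a wipe from being
removed as a dead store, a memset call through a volatile function pointer
and a memset followed by a GCC/Clang compiler barrier. The names wipe_fnptr,
wipe_barrier, all_zero and encrypt_demo are made up for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Idiom 1: call memset through a volatile function pointer. The pointer
 * must be loaded at run time, so the compiler cannot prove the callee is
 * memset and cannot drop the call as a dead store. */
static void *(*const volatile memset_ptr)(void *, int, size_t) = memset;

void wipe_fnptr(void *p, size_t n)
{
    memset_ptr(p, 0, n);
}

/* Idiom 2: plain memset, then an empty asm that takes p as an input and
 * clobbers "memory", so the compiler must assume the zeroed bytes are
 * read (GCC/Clang extension). Elsewhere fall back to volatile stores. */
void wipe_barrier(void *p, size_t n)
{
#if defined(__GNUC__)
    memset(p, 0, n);
    __asm__ __volatile__("" : : "r"(p) : "memory");
#else
    volatile unsigned char *vp = p;
    while (n--) *vp++ = 0;
#endif
}

/* Test helper: returns 1 if all n bytes at p are zero, else 0. */
int all_zero(const void *p, size_t n)
{
    const unsigned char *b = p;
    for (size_t i = 0; i < n; i++)
        if (b[i] != 0) return 0;
    return 1;
}

/* Same shape as encrypt() in the message, with sizeof instead of 8. */
int encrypt_demo(void)
{
    uint8_t key[] = "hunter2";   /* sample secret taken from the thread */
    printf("encrypting with super secret key: %s\n", (const char *)key);
    wipe_barrier(key, sizeof key);
    return 0;
}

int main(void) { return encrypt_demo(); }
```

Reading the buffer back, as all_zero does, itself keeps the store alive, so
to confirm that the wipe in encrypt_demo survives optimisation, inspect the
output of gcc -O2 -S instead.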


