Am Donnerstag, 14. April 2016, 15:25:17 schrieb Tudor-Dan Ambarus: Hi Tudor, > > > > > +{ > > > + if (key->d) { > > > + memset(key->d, '\0', key->n_sz); > > > > memzero_explicit, please > > I don't think this is really needed. memzero_explicit is used only on stack > variables that get cleared just before they go out of scope. Are you so sure that a compiler is not getting smart on seeing a memset followed by a free without marking the pointer as volatile? You free the pointer immediately after memset(). I would not want to bet anything that a compiler would leave the memset for non-volatile pointers. Besides, memzero_expicit does not cost anything -- it does not add any instruction but convinces the compiler to not optimize it away. Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html