Security fail (memset being optimized away)

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Security fail (memset being optimized away)

Richard Smith via cfe-dev
On Jan 3 7:53, Paul Anderson wrote:
 > Hi:
 >
 > There's a discussion of this very issue here:
 >
 > https://wiki.sei.cmu.edu/confluence/display/c/MSC06-C.+Beware+of+compiler+optimizations
 >
 > -Paul


Thanks! I just read through it and couldn't really reach a
conclusion. The section above lists non-portable or "clumsy"
solutions.
In the comments, Douglas A. Gwyn suggested a simple:
memset((volatile char *)pwd, 0, sizeof(pwd));

Unless I'm mistaken, this SHOULD work. Then again, it
should also give you a warning...


_______________________________________________
cfe-dev mailing list
[hidden email]
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Reply | Threaded
Open this post in threaded view
|

Re: Security fail (memset being optimized away)

Richard Smith via cfe-dev
I believe that solution is able to be optimized out as well (see the comment in the C99 solution).   memset_s (C11)  and SecureZeroMemory (MSVC) are the two standards compliant ways that guarantee they won't be optimized out.

-----Original Message-----
From: cfe-dev [mailto:[hidden email]] On Behalf Of [hidden email] via cfe-dev
Sent: Thursday, January 3, 2019 8:28 AM
To: [hidden email]
Subject: [cfe-dev] Security fail (memset being optimized away)

On Jan 3 7:53, Paul Anderson wrote:
 > Hi:
 >
 > There's a discussion of this very issue here:
 >
 > https://wiki.sei.cmu.edu/confluence/display/c/MSC06-C.+Beware+of+compiler+optimizations
 >
 > -Paul


Thanks! I just read through it and couldn't really reach a conclusion. The section above lists non-portable or "clumsy"
solutions.
In the comments, Douglas A. Gwyn suggested a simple:
memset((volatile char *)pwd, 0, sizeof(pwd));

Unless I'm mistaken, this SHOULD work. Then again, it should also give you a warning...


_______________________________________________
cfe-dev mailing list
[hidden email]
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
_______________________________________________
cfe-dev mailing list
[hidden email]
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Reply | Threaded
Open this post in threaded view
|

Re: Security fail (memset being optimized away)

Richard Smith via cfe-dev
On Thu, Jan 3, 2019 at 11:31 AM Keane, Erich via cfe-dev
<[hidden email]> wrote:
>
> I believe that solution is able to be optimized out as well (see the comment in the C99 solution).   memset_s (C11)  and SecureZeroMemory (MSVC) are the two standards compliant ways that guarantee they won't be optimized out.

Unfortunately, memet_s() is part of Annex K (which is an optional
Annex that has not been widely adopted) and SecureZeroMemory() is a
Win32-only API. It's too bad that the standard library maintainers
have been so hostile towards Annex K because this is not a trivial
problem to solve in a portable manner without implementation
collusion.

~Aaron

>
> -----Original Message-----
> From: cfe-dev [mailto:[hidden email]] On Behalf Of [hidden email] via cfe-dev
> Sent: Thursday, January 3, 2019 8:28 AM
> To: [hidden email]
> Subject: [cfe-dev] Security fail (memset being optimized away)
>
> On Jan 3 7:53, Paul Anderson wrote:
>  > Hi:
>  >
>  > There's a discussion of this very issue here:
>  >
>  > https://wiki.sei.cmu.edu/confluence/display/c/MSC06-C.+Beware+of+compiler+optimizations
>  >
>  > -Paul
>
>
> Thanks! I just read through it and couldn't really reach a conclusion. The section above lists non-portable or "clumsy"
> solutions.
> In the comments, Douglas A. Gwyn suggested a simple:
> memset((volatile char *)pwd, 0, sizeof(pwd));
>
> Unless I'm mistaken, this SHOULD work. Then again, it should also give you a warning...
>
>
> _______________________________________________
> cfe-dev mailing list
> [hidden email]
> http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
> _______________________________________________
> cfe-dev mailing list
> [hidden email]
> http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
_______________________________________________
cfe-dev mailing list
[hidden email]
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev