This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH 0/3] explicit_bzero v5
On 11/15/2016 10:42 AM, Florian Weimer wrote:
I'm concerned that developers will read all these warnings and use
memset instead (or a hand-written loop) because this appears to avoid
all these issues.
Conversely if we omit the warnings, developers could easily be misled
into thinking that explicit_bzero keeps secrets reliably, and we
wouldn't want to mislead them. Perhaps we could add something like this,
after all the Warnings: paragraphs:
The above warnings do not imply that using @code{memset} or a
hand-written loop are ``safer'' than using @code{explicit_bzero}, as
these other techniques can run afoul of even more problems than
@code{explicit_bzero} does.