On 09/10/14 21:52, Ángel González wrote:
The compiler would need to know that memset_s is special (either
intrinsically or thorugh eg. function attributes). Either way, IMHO
an advanced knowledge allowing to optimize it out would be a
violation of K.3.7.4.1.
It would be a perverse thing to do and goes against intent, but we
again fall into the problem of defining an access. But this is
irrelevant anyway: even if a key is stored in an array X in the source
code and the array X is later wiped with memset_s(), there is
absolutely nothing to force the compiler to use X during the
computation: it may well store the key somewhere else altogether. So,
all we can have here is a best effort. Anyone who wants to be sure
that the key is wiped is going to have to do something machine-
dependent.
Andrew.