portable method to zeroize memory when destroying a mpz number

Vincent Lefevre vincent at vinc17.net
Thu Mar 20 14:30:04 UTC 2014


On 2014-03-20 14:42:11 +0100, Vicente Benjumea wrote:
> void
> mpz_clear_zeroize (mpz_ptr m)
> {
>   if (PTR (m) != NULL) {
>     memset(PTR (m), 0, ALLOC (m) * BYTES_PER_MP_LIMB);

Are you sure that memset is safe? AFAIK, the C implementation
could have some optimization to do nothing if it knows that
the memory will never be read in the context of the C virtual
machine.

And what if the data have been stored in some swap space?

IMHO, you should use your own memory interface.

-- 
Vincent Lefèvre <vincent at vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)


More information about the gmp-discuss mailing list