I hate glowniggers so much it's unreal. How do we fix this?
>(((compilers)))
Bentley Reed
Other urls found in this thread:
pvs-studio.com
git.musl-libc.org
twitter.com
Leo Martinez
Gabriel Wilson
Imagine still coding in C++ when you have superior languages like Python and Java.
Jaxon Young
dont put python and java in the same sentence
Levi Johnson
>The explicit_bzero() function performs the same task as bzero(). It differs from bzero() in that it guarantees that optimizations will not remove the erase operation if the compiler deduces that the operation is "unnecessary".
This is a solved problem
Christian Reed
yes. Java is even more robust and safe.
Liam Sanders
Weak bait.
Owen Murphy
memset_s
Carter Ross
Why not just fix the compiler?
Robert Martin
>MD5
>sensitive information
>uses the stack
Mason Butler
>std::vector buffer (64);
>buffer.clear();
How will C-tards cope?
Eli Rivera
>Imagine still coding in C++
Nothing wrong with C or C++ as long as you adhere to procedural style and not the OOP meme.
William Rivera
>How do we fix this?
Don't use memset - make your own function to do what you want it to do... or choose a different compiler.
Logan Brooks
>How do we fix this?
Use Rust
Jacob Reyes
there's probably some compiler directive you can use to prevent something being optimised out. I dont know, I dont write code I have to worry about in this manner
Thomas Rogers
explicit_bzero, or use libsodium for other handy functions
there is nothing wrong with OP's pic. if you work with sensitive data you should approach it differently even regarding allocation. malloc data or stack can leak do coredumps or swap on disk or get allocated without cleaning to another process.
Cameron Evans
>retarded niggers still zero out the memory when their operating system will always zero out the memory before handing it off to any other unprivileged process
first of all, if you're "defensively" zeroing out memory in your own process to "mitigate" bugs like heartbleed, you have no right or any authority telling me what a secure system looks like, dumb nigger monkey, kill yourself
David Wood
that only sets size to 0 retard, it doesn't zero out the memory nor deallocates it
>and that's a good thing
Angel Richardson
>How do we fix this?
So... suppose you make a volatile pointer to the buffer, and then use that with memset. Since it's volatile, the compiler has to treat every write as deliberate, no?
Jordan Sullivan
now suppose instead of doing that, you stopped zeroing out the memory pointlessly and instead fixed the bugs that cause your memory to be leaked to 3rd party programs and maybe even, entities on the other end of the wire
Joshua Hughes
>wasting cpu cycles on pointless security theatre
based compiler btfos fag
Benjamin Long
And what if I don't know there's a bug? What if there's not a bug, but some other program uses rowhammer to force the data out of memory with no software being exploited to get it? Honestly, a little bit of redundant security never hurt anyone.
Connor Gonzalez
git.musl-libc.org
common technique is to just fake read with inline assembly
this is like the worst topic to discuss online. every SO and other forums are just bloated with uneducated wrong answers
whoah something about zeroing memory really triggers you
Thomas Morgan
then you're a dumb nigger monkey and zeroing out memory won't help
something about dumb niggers wasting time on bandaiding the real problem instead of fixing it really does trigger me, I just can't figure out what exactly