1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
@node explicit_bzero
@subsection @code{explicit_bzero}
@findex explicit_bzero
Documentation:
@itemize
@item
@ifinfo
@ref{Erasing Sensitive Data,,Erasing Sensitive Data,libc},
@end ifinfo
@ifnotinfo
@url{https://www.gnu.org/software/libc/manual/html_node/Erasing-Sensitive-Data.html},
@end ifnotinfo
@item
@uref{https://www.kernel.org/doc/man-pages/online/pages/man3/explicit_bzero.3.html,,man explicit_bzero}.
@end itemize
Gnulib module: explicit_bzero
The @code{explicit_bzero} function is an approximation to what is
needed, and does not suffice in general to erase information.
Although calling @code{explicit_bzero} should clear the memory in
question, the information that was in memory may still be available
elsewhere on the machine. Proper implementation of information
erasure requires support from levels below C code.
C23 specifies the function @code{memset_explicit}, which should be
preferred to @code{explicit_bzero} in new code.
@xref{memset_explicit}.
Portability problems fixed by Gnulib:
@itemize
@item
This function is missing on some platforms:
glibc 2.24, FreeBSD 10, NetBSD 7.1, OpenBSD 5.4, macOS 10.12, Solaris 11.4, Android 9.0,
and many other systems.
@end itemize
Portability problems not fixed by Gnulib:
@itemize
@item
Although the module's implementation should clear the memory on
platforms compatible with GCC and on platforms using traditional
linkers, it may not clear the memory on non-GCC platforms that use
whole-program optimization.
@end itemize
|
