Consider the following program:
#include <stdlib.h>
#include <string.h>
int main( void )
{
void *p = malloc( 4 );
if ( p )
{
strcpy( p, "SEC" );
free( memset( p, 0, 4 ) );
}
return 0;
}
Are the characters in the memory block pointed to by p (assuming the memory
allocation succeeded) guaranteed to be set to 0, just before the memory is
being deallocated; or is a compiler allowed to 'optimize away' the call to
memset?
18  11967 
dykeinthebox wrote:
Consider the following program:
#include <stdlib.h>
#include <string.h>
int main( void )
{
void *p = malloc( 4 );
if ( p )
{
strcpy( p, "SEC" );
free( memset( p, 0, 4 ) );
}
return 0;
}
Are the characters in the memory block pointed to by p (assuming the memory
allocation succeeded) guaranteed to be set to 0, just before the memory is
being deallocated; or is a compiler allowed to 'optimize away' the call to
memset?
Since a conforming program cannot tell the difference,
the "as if rule" holds and the compiler is permitted to
delete the memset() call. For that matter, it is allowed
to delete the strcpy(), the if, and the malloc(): none of
them have any influence on the program's observable behavior,
so all of them can be optimized away.
What are you trying to do? Ensure that a password or
similar secret item doesn't show up in a core dump?
--
Eric Sosman es*****@acm-dot-org.invalid
In article <f4**********@n ews6.zwoll1.ov. home.nl>,
dykeinthebox <dy**********@h otrmail.comwrot e:
>Consider the following program:
#include <stdlib.h>
#include <string.h>
int main( void )
{
void *p = malloc( 4 );
if ( p )
{
strcpy( p, "SEC" );
free( memset( p, 0, 4 ) );
}
return 0;
}
Are the characters in the memory block pointed to by p (assuming the memory
allocation succeeded) guaranteed to be set to 0, just before the memory is
being deallocated; or is a compiler allowed to 'optimize away' the call to
memset?
I don't believe there's any way that a strictly conforming program can
tell the difference, so the as-if rule allows the compiler to optimize
it away.
What are you Really Trying To Do? (If it's what I think it is, the OS
should be doing it for you.)
dave
--
Dave Vandervies dj******@csclub .uwaterloo.ca
Surprise your compiler. Write better code than it asks you to.
--Keith Thompson in comp.lang.c
dykeinthebox wrote, On 10/06/07 21:39:
Consider the following program:
#include <stdlib.h>
#include <string.h>
int main( void )
{
void *p = malloc( 4 );
if ( p )
{
strcpy( p, "SEC" );
free( memset( p, 0, 4 ) );
}
return 0;
}
Are the characters in the memory block pointed to by p (assuming the memory
allocation succeeded) guaranteed to be set to 0, just before the memory is
being deallocated; or is a compiler allowed to 'optimize away' the call to
memset?
Since there is no way for a conforming program to tell the difference by
the "as-if" rule it is allowed to optimise out the memset.
If you are looking at this from a security perspective (i.e. you want to
guarantee that someone can't examine memory to get passwords) they I
suggest asking in a security group and/or a group dedicated to your
platform since C does not help you very much.
--
Flash Gordon
On Jun 10, 5:10 pm, dj3va...@csclub .uwaterloo.ca (Dave Vandervies)
wrote:
What are you Really Trying To Do? (If it's what I think it is, the OS
should be doing it for you.)
Why? AFAIK the libc should simply put the memory block back on the
free chain(s).
Regards,
Frodo B
On Jun 10, 4:39 pm, "dykeintheb ox" <dykeinthe...@h otrmail.comwrot e:
allocation succeeded) guaranteed to be set to 0, just before the memory is
being deallocated; or is a compiler allowed to 'optimize away' the call to
memset?
If it is important for memset() to be called, would it improve matters
if the pointer was volatile?
Of course, optimization flags are OT here.
Regards,
Frodo B
Frodo Baggins <fr*********@gm ail.comwrites:
On Jun 10, 4:39 pm, "dykeintheb ox" <dykeinthe...@h otrmail.comwrot e:
>allocation succeeded) guaranteed to be set to 0, just before the memory is
being deallocated; or is a compiler allowed to 'optimize away' the call to
memset?
If it is important for memset() to be called, would it improve matters
if the pointer was volatile?
Of course, optimization flags are OT here.
Probably not, but it might help if the data the pointer points to is
volatile.
--
Keith Thompson (The_Other_Keit h) ks***@mib.org <http://www.ghoti.net/~kst>
San Diego Supercomputer Center <* <http://users.sdsc.edu/~kst>
"We must do something. This is something. Therefore, we must do this."
-- Antony Jay and Jonathan Lynn, "Yes Minister"
In article <f4**********@n ews6.zwoll1.ov. home.nl>,
dykeinthebox <dy**********@h otrmail.comwrot e:
strcpy( p, "SEC" );
free( memset( p, 0, 4 ) );
If the "SEC" here indicates that you're worried about security, you
need to describe just what you're trying to achieve. On a
general-purpose operating system, no other program should be able to
see the data: it will be zeroed before it's allocated to another
program. A user with normal privileges should not be able to
look at it, unless they're running the program.
In theory using volatile might force the write to occur, but in
practice I doubt any compiler does the optimisation anyway - it's hard
to imagine a situation where it would be worthwhile.
-- Richard
--
"Considerat ion shall be given to the need for as many as 32 characters
in some alphabets" - X3.4, 1963.
dykeinthebox wrote:
>
#include <stdlib.h>
#include <string.h>
int main( void ) {
void *p = malloc( 4 );
if ( p ) {
strcpy( p, "SEC" );
free( memset( p, 0, 4 ) );
}
return 0;
}
Are the characters in the memory block pointed to by p (assuming
the memory allocation succeeded) guaranteed to be set to 0, just
before the memory is being deallocated; or is a compiler allowed
to 'optimize away' the call to memset?
Since, after the free call, nothing can tell the difference, it can
optimize it out.
--
<http://www.cs.auckland .ac.nz/~pgut001/pubs/vista_cost.txt>
<http://www.securityfoc us.com/columnists/423>
<http://www.aaxnet.com/editor/edit043.html>
<http://kadaitcha.cx/vista/dogsbreakfast/index.html>
cbfalconer at maineline dot net
--
Posted via a free Usenet account from http://www.teranews.com
On Sun, 10 Jun 2007 23:57:37 -0000, Frodo Baggins
<fr*********@gm ail.comwrote in comp.lang.c:
On Jun 10, 4:39 pm, "dykeintheb ox" <dykeinthe...@h otrmail.comwrot e:
allocation succeeded) guaranteed to be set to 0, just before the memory is
being deallocated; or is a compiler allowed to 'optimize away' the call to
memset?
If it is important for memset() to be called, would it improve matters
if the pointer was volatile?
Of course, optimization flags are OT here.
You can't pass a volatile pointer to memset(). memset() only accepts
a non-cv qualified void pointer. To pass a volatile pointer, you must
use a cast to remove the volatile qualifier, and the result is
undefined behavior.
So there is still no reason that the implementation can't optimize
away the call.
--
Jack Klein
Home: http://JK-Technology.Com
FAQs for
comp.lang.c http://c-faq.com/
comp.lang.c++ http://www.parashift.com/c++-faq-lite/
alt.comp.lang.l earn.c-c++ http://www.club.cc.cmu.edu/~ajo/docs/FAQ-acllc.html This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: bob_jenkins |
last post by:
{
const void *p;
(void)memset((void *)p, ' ', (size_t)10);
}
Should this call to memset() be legal? Memset is of type
void *memset(void *, unsigned char, size_t)
Also, (void *) is the generic pointer type.
My real question is, is (void *) such a generic pointer type that it
|
by: Frederick Ding |
last post by:
Hi, guys,I met a problem, Please look at the problem below:
int* bit = (int*)malloc(10000*sizeof(int));
memset(bit, 1, 10000*sizeof(int));
printf("%d %d %d\n", bit,bit, bit);
Output: 16843009 16843009 16843009
Obviously I set the bit to bit to 1, but it outputs are not
1's.
|
by: Patrick Kowalzick |
last post by:
Dear all,
I have an existing piece of code with a struct with some PODs.
struct A
{
int x;
int y;
};
|
by: hack_tick |
last post by:
hi Guys!
I am having a class, having around 300+ pointers ONLY, I need to set
them all NULL, when the object is created.
The best way I think is
memset(this, NULL, sizeof(classname));
whats your suggestion??
|
by: dbansal |
last post by:
Hi group,
I have a question to ask you all. I have allocated some chunk of
memory using ptr=(int*)malloc(). now I am trying to free that memory
using free((void*)ptr). My question is does free() make ptr NULL? If
not how do we know whether ptr memory has been freed already and we
should not try to free the same memory twice. Man pages does not tell
anything about this behavoiur.
Thanks,
| | |
by: AndersWang |
last post by:
Hi,
dose anybody here explain to me why memset would be faster than a
simple loop. I doubt about it!
In an int array scenario:
int array;
for(int i=0;i<10;i++) //ten loops
|
by: Martin Wells |
last post by:
I'm trying to come up with a fully-portable macro for supplying memset
with an unsigned char rather than an int. I'm going to think out loud
as I go along. . .
I'll take a sample system before I begin:
CHAR_BIT == 16
sizeof(short) == sizeof(int) == 1
Assume none of the integer types have padding bits
Sign-magnitude
|
by: sirsnorklingtayo |
last post by:
hi guys please help about Linked List,
I'm having trouble freeing the allocated memory of a single linked list node with a dynamic char* fields, it doesn't freed up if I use the FREE() function in C.. But if I try to use a single linked list with a static char array fields I can free the memory allocated with out any problems using the FREE(). So, why freeing a single linked list with dynamic char* is hard and why the FREE() function is...
|
by: Bill Cunningham |
last post by:
When I want to clear memory space this is what I typically do myself,
char a;
int i;
for (i=0;i != 100;++i)
a='\0';
Now with the function memset I could do the same thing and it would be
portable. But would it always work?
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| | |
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
