mirror of https://git.tartarus.org/simon/putty.git synced 2025-07-01 03:22:48 -05:00

Adopt a new universal implementation of smemclr().

This new implementation uses the same optimisation-barrier technique
that I used in various places in testsc: have a no-op function, and a
volatile function pointer pointing at it, and then call through the
function pointer, so that nothing actually happens (apart from the
physical call and return) but the compiler has to assume that
_anything_ might have happened.

Doing this just after a memset enforces that the compiler can't have
thrown away the memset, because the called function might (for
example) check that all the memory really is zero and abort if not.

I've been turning this over in my mind ever since coming up with the
technique for testsc. I think it's far more robust than the previous
smemclr technique: so much so that I'm switching to using it
_everywhere_, and no longer using platform alternatives like Windows's
SecureZeroMemory().
Simon Tatham
2021-04-17 17:59:43 +01:00
parent 5bb24a7edd
commit 395c228bee
7 changed files with 28 additions and 55 deletions
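
The barrier described in the commit message, written out as an added example; it is not code from this commit or from PuTTY's source, and every name in it (`barrier_noop`, `barrier_call`, `secure_clear`, `all_zero`, `demo_clear_stack_key`) is hypothetical.

```c
#include <stddef.h>
#include <string.h>

/* Does nothing, but the compiler cannot know that at the call site below. */
static void barrier_noop(void *ptr, size_t len)
{
    (void)ptr;
    (void)len;
}

/* volatile: the pointer is loaded at run time on every call, so the compiler
 * cannot assume the target is barrier_noop and has to treat the call as one
 * that may read the memory it is handed. */
static void (*volatile barrier_call)(void *, size_t) = barrier_noop;

/* Zero len bytes at buf in a way the optimiser cannot discard. */
void secure_clear(void *buf, size_t len)
{
    if (buf == NULL || len == 0)
        return;
    memset(buf, 0, len);
    barrier_call(buf, len);   /* callee might inspect buf, so memset stays */
}

/* Returns 1 if every byte in buf is zero, 0 otherwise. */
int all_zero(const void *buf, size_t len)
{
    const unsigned char *p = buf;
    unsigned char acc = 0;
    for (size_t i = 0; i < len; i++)
        acc |= p[i];
    return acc == 0;
}

/* Constructed case: key material on the stack that is cleared just before
 * it goes out of scope, where a bare memset would be a dead store. */
int demo_clear_stack_key(void)
{
    unsigned char key[32];
    memset(key, 0xA5, sizeof key);   /* constructed stand-in for a secret */
    secure_clear(key, sizeof key);
    return all_zero(key, sizeof key);
}

int main(void) { return demo_clear_stack_key() ? 0 : 1; }
```

Because `demo_clear_stack_key` reads the buffer back, it checks the function's result rather than the optimiser's behaviour; to see the barrier itself at work, compare the optimised disassembly of `secure_clear` with and without the `barrier_call` line.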

@ -36,9 +36,6 @@ define_negation(NO_MULTIMON HAVE_MULTIMON_H)
check_include_files("windows.h;htmlhelp.h" HAVE_HTMLHELP_H)
define_negation(NO_HTMLHELP HAVE_HTMLHELP_H)
check_symbol_exists(SecureZeroMemory "windows.h" HAVE_SECUREZEROMEMORY)
define_negation(NO_SECUREZEROMEMORY HAVE_SECUREZEROMEMORY)
check_symbol_exists(strtoumax "inttypes.h" HAVE_STRTOUMAX)
check_symbol_exists(AddDllDirectory "windows.h" HAVE_ADDDLLDIRECTORY)
check_symbol_exists(SetDefaultDllDirectories "windows.h"
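
Review bot: With the `check_symbol_exists(SecureZeroMemory ...)` probe and its `define_negation(NO_SECUREZEROMEMORY HAVE_SECUREZEROMEMORY)` line dropped near the top of this hunk, neither macro is defined by the build any more, so any `#ifdef` or `#ifndef` still testing them elsewhere would silently take one branch without a build error. This reads those two lines as the removals, consistent with the 9-to-6 line count in the hunk header and with the commit message. Suggest confirming with a tree-wide search for both macro names that the other files changed in this commit remove every remaining reference.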