-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, Feb 28, 2003 at 01:49:34AM -0500, Patrick Chkoreff wrote: > Now see, I've known about volatile since about 1985. It's just that > all these cryptography books make such a big show and hoopla about > zeroing out memory. Even the GnuPG code does the 'burn_stack' thing, > which was shown on the DBS list to be vulnerable. > > So I figured the volatile feature must be horribly unreliable. I guess > I'll just have to check the assembler output from gcc to make sure.
volatile must, by definition work correctly, and it really does mean "don't touch this code you bastard optimizer". As Perry Metzger pointed out over on his cryptography list when this came up several months ago, the basic device drivers running your computer wouldn't work if volatile wouldn't work because there are situations where you MUST read something from a hardware address and discard the output in order to trigger the device to take some certain action. That device's specs are completely outside the ken of the compiler, which is why we have volatile. If it doesn't work in your compiler, your compiler is broken by design. - -- gabriel rosenkoetter [EMAIL PROTECTED] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (NetBSD) iD8DBQE+X23D9ehacAz5CRoRAnI4AJ9PtTpOxRXyN2MvJgnrj+MoSmMYKwCfXWhf fSB9Kqh1hjBiCUC6euQOz9U= =QgBZ -----END PGP SIGNATURE-----