New submission from Christian Heimes:

Compilers like GCC optimize away code like memset(var, 0, sizeof(var)) if the code occurs at the end of a function and var is not used anymore [1]. But security relevant code like hash and encryption use this to overwrite sensitive data with zeros.
The code in _sha3module.c uses memset() to clear its internal state. The other hash modules don't clear their internal states yet. There exist a couple of solutions for the problem:

* C11 [ISO/IEC 9899:2011] has a memset_s() function
* MSVC has SecureZeroMemory()
* GCC can disable the optimization with #pragma GCC optimize ("O0") since GCC 4.4
* [2] contains an example for a custom implementation of memset_s() with volatile.

[1] http://gcc.gnu.org/bugzilla/show_bug.cgi?id=8537
[2] https://www.securecoding.cert.org/confluence/display/seccode/MSC06-C.+Be+aware+of+compiler+optimization+when+dealing+with+sensitive+data

----------
assignee: christian.heimes
messages: 184032
nosy: christian.heimes
priority: normal
severity: normal
stage: needs patch
status: open
title: Add _Py_memset_s() to securely clear memory
type: security
versions: Python 3.4

_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue17405>
_______________________________________
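
The volatile-based approach named in the last bullet, shown as an added example that is not part of the original message and is not CPython's code. The names example_memset_s, EXAMPLE_RSIZE_MAX and the toy digest functions are hypothetical, the EINVAL/ERANGE return values are this example's choice, and the key data is constructed.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>

#define EXAMPLE_RSIZE_MAX (SIZE_MAX >> 1)  /* assumed stand-in for RSIZE_MAX */
/* Hypothetical helper, not CPython's code. Every store goes through a
 * volatile pointer, so the compiler must emit it even if the buffer is
 * never read again. Returns 0 on success, nonzero on a bad argument. */
static int example_memset_s(void *dest, size_t destmax, int c, size_t n)
{
    volatile unsigned char *p = (volatile unsigned char *)dest;
    int err = (n > destmax) ? ERANGE : 0;   /* oversized request */
    if (dest == NULL || destmax > EXAMPLE_RSIZE_MAX)
        return EINVAL;
    if (err)
        n = destmax;                        /* still wipe the part we own */
    while (n--)
        *p++ = (unsigned char)c;
    return err;
}

/* Constructed toy "digest": sums the key bytes via a 32-byte working copy. */
static unsigned toy_sum(unsigned char *state, const unsigned char *key, size_t len)
{
    unsigned sum = 0;
    memset(state, 0, 32);
    memcpy(state, key, len < 32 ? len : 32);
    for (size_t i = 0; i < 32; i++)
        sum += state[i];
    return sum;
}

/* Before: state is dead after this memset(), so it may be optimized away. */
static unsigned toy_digest_memset(const unsigned char *key, size_t len)
{
    unsigned char state[32];
    unsigned sum = toy_sum(state, key, len);
    memset(state, 0, sizeof(state));
    return sum;
}

/* After: the volatile stores are kept, so the key copy is overwritten. */
static unsigned toy_digest_wiped(const unsigned char *key, size_t len)
{
    unsigned char state[32];
    unsigned sum = toy_sum(state, key, len);
    example_memset_s(state, sizeof(state), 0, sizeof(state));
    return sum;
}
```

Both digest functions return the same value; the difference is only visible in the generated code, for example by comparing the optimized assembly of the two functions for the presence of the zeroing stores.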