[15650] in cryptography@c2.net mail archive
Re: Passwords can sit on disk for years
daemon@ATHENA.MIT.EDU (Ben Laurie)
Tue Jun 22 10:56:12 2004
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Mon, 21 Jun 2004 12:40:54 +0100
From: Ben Laurie <ben@algroup.co.uk>
To: jdean@lsuhsc.edu
Cc: cryptography@metzdowd.com
In-Reply-To: <EXCHMX2YixMwInhdAHx00001b7e@relay.lsuhsc.edu>
jdean@lsuhsc.edu wrote:
> Ben Laurie wrote:
>
>
>>In OpenSSL we overwrite with random gunk for this reason.
>
>
> What? No compiler is smart enough to say, "The program
> sets these variables but they are never referenced again.
> I'll save time and not set them."
Sure it is, here's gcc -O3:
main()
{
int a=3;
}
becomes:
.file "xx.c"
.version "01.01"
gcc2_compiled.:
.text
.p2align 2,0x90
.globl main
.type main,@function
main:
pushl %ebp
movl %esp,%ebp
leave
ret
.Lfe1:
.size main,.Lfe1-main
.ident "GCC: (GNU) c 2.95.4 20020320 [FreeBSD]"
look, ma, no variables!
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
