Consider the code:
procedure DoSmthSecret;
var
  Seed: array[0..31] of Byte;
begin
  // get random seed
  ..
  // use the seed to do something secret
  ..
  // erase the seed
  FillChar(Seed, SizeOf(Seed), 0);
end;
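The problem with the code is that FillChar is a compiler intrinsic, and the compiler can potentially "optimize it out". The problem is known for C/C++ compilers; see SecureZeroMemory. Can modern Pascal compilers (Delphi, FPC) perform such an optimization, and if they can, do they provide an equivalent of SecureZeroMemory?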
Answer 0 (score: 3)
FPC can't do such optimizations at the moment, and afaik even with C++ they belong in the "uncertain" class (since the state of the program due to this optimization ignores what the programmer tells it to be).
Solving such a problem is a matter of defining which constructs can be optimized out and which cannot. It doesn't need API/OS assistance per se; any externally linked object file with such a function would do (since then global optimization wouldn't touch it).
Note that the article doesn't name the C++ compiler specifically, so I expect it is more a general utility function for when a user of a compiler gets into problems, without hitting the docs too hard, or when it must easily work on multiple (Windows-only!) compilers without overly complicating the build system.
Choosing a non-inlinable API function might be non-optimal in other cases, especially with small, constant sizes to zero, since it won't be inlined, so I would be careful with this function, and make sure there is a hard need.
It might be important mainly when an external entity can change memory (DMA, memory mapping etc.) of a program, or to erase passwords and other sensitive info from the memory image, even if the program according to the compiler will never read it.
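The approach described in this answer (a wipe routine the caller only sees as an opaque, non-inlined call), written out as an added example that is not part of the original answer and not an RTL routine. `SecureZero` is a hypothetical name, the seed generation and checksum are constructed stand-ins, and the technique rests on the assumption that the compiler never inlines the routine.

```pascal
program WipeDemo;
{$IFDEF FPC}{$MODE DELPHI}{$ELSE}{$APPTYPE CONSOLE}{$ENDIF}

// SecureZero is a hypothetical helper name, not an RTL routine.
// Assumption: it is never marked "inline", so the caller only sees an opaque
// call that writes through a pointer and cannot treat the stores as dead.
// In a real project keep it in its own unit, as the answer suggests.
procedure SecureZero(var Buf; Len: NativeUInt);
var
  P: PByte;
begin
  P := @Buf;
  while Len > 0 do
  begin
    P^ := 0;
    Inc(P);
    Dec(Len);
  end;
end;

procedure DoSmthSecret;
var
  Seed: array[0..31] of Byte;
  I: Integer;
  Sum: Cardinal;
begin
  try
    // constructed stand-in for "get random seed" (Random is not a secure RNG)
    for I := Low(Seed) to High(Seed) do
      Seed[I] := Byte(Random(256));
    // constructed stand-in for "use the seed to do something secret"
    Sum := 0;
    for I := Low(Seed) to High(Seed) do
      Sum := Sum + Seed[I];
    Writeln('work done, checksum ', Sum);
  finally
    // runs on the normal path and when an exception unwinds this frame
    SecureZero(Seed, SizeOf(Seed));
  end;
end;

begin
  Randomize;
  DoSmthSecret;
end.
```

Placing the wipe in `finally` also covers the case where the secret-handling code raises before the erase step is reached.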
Answer 1 (score: 1)
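Even if FreePascal would optimize out writes to memory that is never read again (which I doubt it does atm, regardless of how long you guys discuss it), it does support the absolute type modifier, which is guaranteed (documented) to never be optimized (somewhat similar to volatile in C/C++).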