sutton050

In the 1990's it was common to have to tell folks not to use "popular" password, like "sex", or "god", believe it or not even "password" and "secret".  Since then times have moved on, folks have become very adept at using other characters in their passwords... Unfortunately, this is (very seriously) what one of our IT bods here has just found on a machine: Props to the user for mixing in some numbers, a word and a symbol, however... We can all see the flaw in their storing the password. (Thanks to our IT Manager for letting me use his picture - it is a lovely left hand, I wonder if he does hand modelling?)

When I say not working, I do not mean the function does not work, of course it works.  What I mean is that left to it's on devices the GCC compiler can actually chose to not perform a memset in certain circumstances, you can read more detail about this in the official bug list . So, what's going on?  Well, I have a piece of code which uses a common buffer, each function locks a mutex (std::lock_guard), fills out the buffer and then transmits over USB to target devices, crucially I then want to clear the common buffer. The purpose of this architecture is to keep sensitive information being transmitted through the buffer present for as little time as possible (i.e. the time between filling out and transmit, ~35ms) rather than filling out, transmitting and leaving the data in the buffer; as the time between calls may be anything up to 5 seconds, plenty of time for someone to halt the program and inspect memory dispositions. In pseudo code therefore our sequence looks something li...