|
|
|
|
|
|
by rurban
2492 days ago
|
|
|
Most libc's added an insecure version of memset_s, doing only the above discussed compiler-barrier, but not a memory-barrier, which is needed for Spectre, broken HW. The default memset should do the compiler-barrier. But unfortunately you cannot talk with libc maintainers about security. Too much arrogance. Thanks to this Redhat article for supporting the user-base on this. You can use my safeclib, which implements the Annex K extensions. |
|
|