improve a comment in memwipe

author Nick Mathewson <nickm@torproject.org>

Thu, 10 Dec 2015 14:03:47 +0000 (09:03 -0500)

committer Nick Mathewson <nickm@torproject.org>

Thu, 10 Dec 2015 14:03:47 +0000 (09:03 -0500)
author Nick Mathewson <nickm@torproject.org>
Thu, 10 Dec 2015 14:03:47 +0000 (09:03 -0500)
committer Nick Mathewson <nickm@torproject.org>
Thu, 10 Dec 2015 14:03:47 +0000 (09:03 -0500)
diff --git a/src/common/crypto.c b/src/common/crypto.c

index 816423aa857ac60583e1c6ca542d0eb217d7cf44..ba5c8a79b57d6bc37ea46972cb2b60c48047d2ef 100644 (file)
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -2817,7 +2817,11 @@ memwipe(void *mem, uint8_t byte, size_t sz)
     * variable.  It's an elaborate ruse to trick the compiler into not
     * optimizing out the "wipe this memory" code.  Read it if you like zany
     * programming tricks! In later versions of Tor, we should look for better
-   * not-optimized-out memory wiping stuff. */
+   * not-optimized-out memory wiping stuff...
+   *
+   * ...or maybe not.  In practice, there are pure-asm implementations of
+   * OPENSSL_cleanse() on most platforms, which ought to do the job.
+   **/
    OPENSSL_cleanse(mem, sz);
    /* Just in case some caller of memwipe() is relying on getting a buffer
     * filled with a particular value, fill the buffer.
author	Nick Mathewson <nickm@torproject.org>
	Thu, 10 Dec 2015 14:03:47 +0000 (09:03 -0500)
committer	Nick Mathewson <nickm@torproject.org>
	Thu, 10 Dec 2015 14:03:47 +0000 (09:03 -0500)