Safe Clearing of Private Data

We often need to store private data in programs, for example passwords, secret keys, and their derivatives, and we usually need to clear their traces in the memory after using them so that a potential intruder can’t gain access to these data. In this article we will discuss why you can’t clear private data using memset() function.

Picture 1

Continue reading

Finding bugs in the code of LLVM project

About two months ago I wrote an article about the analysis of GCC using PVS-Studio. The idea of the article was as follows: GCC warnings are great, but they’re not enough. As proof of my words I showed errors that PVS-Studio was able to find the GCC code. A number of readers have noticed that the quality of the GCC code, and its diagnosis, aren’t really great; while Clang compiler is up to date, of high quality, and fresh. In general Clang is awesome! Well, apparently, it’s time to check LLVM project.


Continue reading