[varnishcache/varnish-cache] explicit_bzero() causing havoc (#3051)

Geoff Simmons geoff at uplex.de
Mon Sep 16 12:35:51 UTC 2019

On 9/16/19 13:37, Poul-Henning Kamp wrote:
> Solved in #3057

Repeating my comment in github on the commit (to make sure that everyone
can see it):

The EXPLICIT_BZERO check is still AC_REQUIRE'd in varnish.m4, from
development. Since it's not defined now, this leads to a cascade of
error messages when autogen.sh is called for a VMOD.

Apparently these can be ignored -- I can now compile without a
workaround for ZERO_OBJ. Thank you, I will stop screaming into the abyss

It's worth pointing out, however, that Colin Percival concluded in his
blog that not even this solution guarantees that the memset call won't
be optimized out:


But this gets us much closer to something that will work on most
platforms. It's OpenSSL's solution for wiping keys in memory, so one
hopes that it works most of the time.

** * * UPLEX - Nils Goroll Systemoptimierung

Scheffelstraße 32
22301 Hamburg

Tel +49 40 2880 5731
Mob +49 176 636 90917
Fax +49 40 42949753


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-dev/attachments/20190916/48769897/attachment.bin>

More information about the varnish-dev mailing list