From: "Trei, Peter" <ptrei@rsasecurity.com>

[Moderator's note: FYI: no "pragma" is needed. This is what C's "volatile" keyword is for. Unfortunately, not everyone writing in C knows the language. --Perry]

Thanks for the reminder about "volatile." It is an ancient and valuable feature of C and I suppose it's implemented correctly under gcc and some of the Windoze compilers even with high optimization options like -O2.

...

From RISKS: http://catless.ncl.ac.uk/Risks/22.35.html#subj6

Those of us who write code need to be reminded of this now and then.

Everybody probably also knows about the gnupg trick, where they define a recursive routine called "burn_stack": static void burn_stack (int bytes) { char buf[64]; memset (buf, 0, sizeof buf); bytes -= sizeof buf; if (bytes > 0) burn_stack (bytes); } Then there's the vararg technique discussed in Michael Welschenbach's book "Cryptography in C and C++": static void purgevars_l (int noofvars, ...) { va_list ap; size_t size; va_start (ap, noofvars); for (; noofvars > 0; --noofvars) { switch (size = va_arg (ap, size_t)) { case 1: *va_arg (ap, char *) = 0; break; case 2: *va_arg (ap, short *) = 0; break; case 4: *va_arg (ap, long *) = 0; break; default: memset (va_arg(ap, char *), 0, size); } } va_end (ap); } Here's an example of how you might call the routine: purgevars_l(2, sizeof (la), &la, sizeof (lb), &lb); But hey, if "volatile" keyword works then so much the better. I would recommend examining the assembly language output of your compiler to verify that it honours "volatile." -- Patrick http://fexl.com