better way to zero away sensitive data

weltling · weltling · commit 8d075b6e4dbf · 2014-09-14T11:48:51.000+02:00
memset could be optimized away by the compiler
diff --git a/ext/standard/php_crypt_r.c b/ext/standard/php_crypt_r.c
@@ -206,7 +206,7 @@ char * php_md5_crypt_r(const char *pw, const char *salt, char *out) {
 	}
 
 	/* Don't leave anything around in vm they could use. */
-	memset(final, 0, sizeof(final));
+	RtlSecureZeroMemory(final, sizeof(final));
 
 	/* Then something really weird... */
 	for (i = pwl; i != 0; i >>= 1) {
@@ -288,7 +288,7 @@ char * php_md5_crypt_r(const char *pw, const char *salt, char *out) {
 
 	*p = '\0';
 
-	memset(final, 0, sizeof(final));
+	RtlSecureZeroMemory(final, sizeof(final));
 
 
 _destroyCtx1:
