|
SecureZeroMemory(...) should not really be used for first initialization of a buffer, because if you use memset(...) right before you use the buffer, the call to memset(...) will not be optimized away.
You use SecureZeroMemory(...) in situations where you are clearing a buffer AFTER its use. For example, if you decode/decrypt something into a buffer, and you want to make sure that the plaintext is not lying around in memory somewhere so you clear the buffer before deallocating it (or exiting the function).
It is situations where the last thing you do to the buffer is call memset(...) on it where it can get optimized away.
Peace!
-=- James Please rate this message - let me know if I helped or not!<HR> If you think it costs a lot to do it right, just wait until you find out how much it costs to do it wrong! Avoid driving a vehicle taller than you and remember that Professional Driver on Closed Course does not mean your Dumb Ass on a Public Road! See DeleteFXPFiles
|
|
|
|
|
You're right, it should definitely be used for clearing e.g. passwords from memory.
But where did you get the info that an initial memset(...) / ZeroMemory(...) is never optimized away? Furthermore I cannot see any info on MSDN that it's a no-go to do the first initialization with SecureZeroMemory(...) . Just a speed issue - saving 42 CPU cycles?
cheers!
mykel
OMM: "Let us be thankful we have an occupation to fill. Work hard, increase production, prevent accidents and be happy."
|
|
|
|
|
The optimization that can remove the last memset(...) is based on whether or not the memory being memset(...) is ever read after being written to (by memset(...) ).
In cases of initialization, you can safely use memset(...) because you will be reading the memory at some point after the initial call to memset(...) (well, at least you would be in general).
By using memset(...) to clear after use, when you are all done with the memory, if you do not read from that memory again, the optimizer assumes that if you never read what you wrote, you did not need to write it, and can optimize away the call.
Cycle counting only makes sense when you know your target hardware. Without knowing the actual differences in what SecureZeroMemory(...) actually has to do behind the scenes (e.g. does it have to read each and every byte/32-bit value it writes to), it is safer to assume that if you do not need the assurances that it provides, you do not need to use the function.
Peace!
-=- James Please rate this message - let me know if I helped or not!<HR> If you think it costs a lot to do it right, just wait until you find out how much it costs to do it wrong! Avoid driving a vehicle taller than you and remember that Professional Driver on Closed Course does not mean your Dumb Ass on a Public Road! See DeleteFXPFiles
|
|
|
|
|
Makes perfectly sense... thanks for the answer!
No FUD anymore when initializing memory!
But tell me one more thing: Is this behavior your personal experience or where did you get that deep knowledge of code optimization?
cheers!
mykel
OMM: "Let us be thankful we have an occupation to fill. Work hard, increase production, prevent accidents and be happy."
|
|
|
|
|
This kind of knowledge and wisdom is based on what I have learned, what I have done, and both together.
Most of my professional development has been with server-side development for financial-related products, so I learned very quickly that the stuff you get away with on the client side just does not cut it on the server side. Taking .5 seconds longer than necessary to do something when the market is moving away from you can cost real $$$ in the real world.
So I spend much of my professional development life researching things like CPU architecture and code-level optimization techniques so that when milliseconds count, people can count on me.
Peace!
-=- James Please rate this message - let me know if I helped or not!<HR> If you think it costs a lot to do it right, just wait until you find out how much it costs to do it wrong! Avoid driving a vehicle taller than you and remember that Professional Driver on Closed Course does not mean your Dumb Ass on a Public Road! See DeleteFXPFiles
|
|
|
|
|
Kudos! Keep on rocking!
What's making CodeProject so precious are experts like you! I mean real experts. Not those C# experts (if you feel insulted, insert VB) who think they are experts because they don't know anything else.
cheers!
mykel
OMM: "Let us be thankful we have an occupation to fill. Work hard, increase production, prevent accidents and be happy."
|
|
|
|
|
memset(...) will be a better alternative because it is optimized - setting individual bytes to zero is slower than setting 32-bit units to zero(on a 32-bit system). memset(...) should walk the buffer byte-by-byte until it gets to a 32-bit boundary and will then increase its stride to 32-bit (4 bytes) units till it gets to the end (slowing back to byte-by-byte if neccessary if the end of the buffer is not on a 32-bit boundary).
As an aside, using the bracket notation may produce better performance than manually calculating a pointer offset as aliasing can hinder optimization:
for (int i = 0; i < nBufLength; i++)
{
pBuffer[ i ] = 0;
} Oh, and BTW - the buffer is filled with those 0xCD characters only in debug builds. In release builds, and in the absence of any memory-allocation utility/library being used, that memory may be filled with random garbage. I only mention this because I have actually seen developers look for the debugger-specific values in a buffer to try to determine if uninitialized memory is being used, or if they are off the beginning or end of a buffer (!!:wtf:!!) .
Peace!
-=- James Please rate this message - let me know if I helped or not!<HR> If you think it costs a lot to do it right, just wait until you find out how much it costs to do it wrong! Avoid driving a vehicle taller than you and remember that Professional Driver on Closed Course does not mean your Dumb Ass on a Public Road! See DeleteFXPFiles
|
|
|
|
|
Thanks for both answers. I have learned someting new.
End result is:
nBufLength = nTotalArea - nValidWrittenData;
BYTE* pBuffer = NULL;
pBuffer = new BYTE [nBufLength];
memset (pBuffer, 0, nBufLength);
Greetings.
--------
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
|
|
|
|
|
Dear Experts,
I am writing one simple win32 application for collecting " Wireless network
adapter Device change events like Arrival/removal/disable etc.." .
For this i want to register the Device Interface GUID using
RegisterDeviceNotification(...) function and by using WM_DEVICECHAGE message i
will receive all notofications.
Please can any one tell me what is the "Wireless network adapter Interface GUID"
that i should use.
And if any alternative is there please let me know.
Thanks in Advance,
Are
|
|
|
|
|
Hello friends,
1.I am facing one small problem in socket programming, my client is in c (visual studio)and client is in VB.when i am sending data from client it is sending 81 byte string (correct data)on reciever end some unwanted data(ìÿ¼³W|l) it is also appending in the correct data.
2.One more problem is that because client is sending at the fast rate data is accumulated on reciever end if the buffer size is greater(e.g.260) then correct data size(81) and after 3-4 string of correct data that unwanted data (ìÿ¼³W|l)is appending at the end.
If anyone have any solution to this problem plz suggest me the solution
Lalit Aggarwal
|
|
|
|
|
laggraw wrote: on reciever end some unwanted data(ìÿ¼³W|l) it is also appending in the correct data
Set the receiving buffer to zero or append a null('\0') charecter at the end the receiving data. the end can be found out by the return value of the recv function.
Hope it will help you..
Do your Duty and Don't expect the Result
|
|
|
|
|
Actually problem is not so simple, our client is in VB where we declare on string type variable and we are appending the structure in the vairbel e.g. 10 times then send the data.This dat may vary between 76 to 83 bytes.
On client side we delared the a buffer of 512 byte, which is already declared in the orginal code,the data which are coming from client side is accumulating in the buffer before we read it from it.
So what we did for this problem we just filled rest of the space of buffer with some extra character and on receiver side we are taking correct data upto that extra character.But one new problem we are facing in this approach that sometimes data is coming between extra character
like
correct data format
8172646124975975570950098908**********************************************
unwanted/corrupted data
************************45667*********************************************
so i am not able to understand why this data coming in between the extra character.
Thanx
Lalit Aggarwal
|
|
|
|
|
What are you sending exactly ? Are the packets always constant size ? If no, how are you reading the data (show the code when you call recv funtion).
The socket will never append data: it just send what you asked it to send. So either:
- you send too much data
- or you try to read data after the data you received (so you read in memory after the received data, which is uninitialize memory, which explains those garbage characters).
|
|
|
|
|
Actually my client in VB, there we declared a string variable and we are appending data into that and after that we are sending data to the server which is in simple C language, where we declare a 512 byte buffer to collect the data.Data is of variable size vary between 76 to 83 byte.
Actually code is already written we just modifying it, perviously we are using this program on same host, but now our customer want to use this program on different host, so actually becoz buffer was very large so data is accumulating in the buffer before reading so we got some accumulated data and some corrupt data also.
Now what we did we just filling rest of the space of buffer by'*'(on client side) and taking the correct data on server side upto 1st '*' is encounter.
But in this approach we are facing one more problem we faced that some times data is correct some time some bytes of data is coming between '*'
like
correct data:
115237887261448874974239*****************************************************
uncorrect data:
********************************78798****************************************
i am not able to understand why these byte coming in between '*'.
Sorry sir our code is simple on like any other simple program, but i cant share u may code.
thanks
Lalit Aggarwal
|
|
|
|
|
Why don't you simply prepend the size of the data at the begining of the packet and only send what you need to send (without all those unnecessary * characters) ? On the receiver side, read first the size of the data and then read the appropriate number of bytes.
|
|
|
|
|
Hi,
I need to place a color combo box in one of the property pages and i downloaded color combobox Activex control. It is running successfully but the problem is whenever i run my program and click that property page it is showing an about box saying that it is an unregistered version and to register it in that website. Is there any way to avoid that about box may be from my program.
plz help...
|
|
|
|
|
Hi all,
I am extracting a MAPI property that has a different language characters, when I extract them I get ???.doc how can I convert this to the right character?
Thanks,
Jj
|
|
|
|
|
Do you have support for all needed languages?
Greetings.
--------
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
|
|
|
|
|
Again extract and save that file and change encoding (ANSI) to encoding (unicode).
Yes U Can ...If U Can ,Dream it , U can do it ...ICAN
|
|
|
|
|
Hi All!
I want to use some off the shelf ActiveX components in my project for visual display of information e.g. analog dials, thermometers, digital displays and graphs. I am using VC++ .NET 2005. Any body guide me in finding such ActiveX contols which are flexable but not too expensive, thanks.
<cool head="" makes="" lips="" smile="" more="">
|
|
|
|
|
There are some nice free controls on this website. Just search through the articles. But these are not ActiveX controls but just plain standard controls.
I developped also a charting control, check my sig if you are interested.
|
|
|
|
|
I have a CTreeCtrl in side a CDialog base class.
The hot keys are not functioning when the focus is on is on the Tree.
How to enable the hotkey function for CTreeCtrl??
Any suggestions??
Priya Sundar
|
|
|
|
|
Hi All,
I have created one simple application which inherits the CScrollBar Class of MFC.
problem is that when i run my application and click on ScrollBar nothing is happening.
no events are generated and sent to my class.
Can anyone tell me what could be the problem ? , did i miss anything ?
|
|
|
|
|
Your program didnt get any events or you forgot to declare these events on your program?
|
|
|
|
|