NAME

explicit_memset memset_explicit — guarantee writing a byte to a byte string

LIBRARY

Standard C Library (libc, -lc)

SYNOPSIS

#include <string.h>

void *
explicit_memset(void *b, int c, size_t len);

void *
memset_explicit(void *b, int c, size_t len);

DESCRIPTION

The explicit_memset() and memset_explicit() functions write len bytes of value c (converted to an unsigned char) to the string b. They are guaranteed not to be optimized away by the compiler even if b is no longer used and is about to be freed or go out of scope.

RETURN VALUES

The explicit_memset() function returns the original value of b.

EXAMPLES

Create a buffer on the stack for a secret key, use it, and then zero it in memory before throwing it away.

void
f(void)
{
	uint8_t key[32];

	crypto_random(key, sizeof(key));
	do_crypto_stuff(key, sizeof(key));
	...

	explicit_memset(key, 0, sizeof(key));
}

SEE ALSO

consttime_memequal(3), memset(3)

STANDARDS

The memset_explicit() function conforms to ISO/IEC 9899:2024 (“ISO C23”).

HISTORY

The explicit_memset() function appeared in NetBSD 7.0. The memset_explicit() alias was added in NetBSD 11.0.