noble (3) explicit_bzero.3.gz

Provided by: manpages-es-dev_4.21.0-2_all bug

NOMBRE
       bzero explicit_bzero - escribe bytes cero


BIBLIOTECA
       Biblioteca Estándar C (libc, -lc)


SINOPSIS
       #include <strings.h>

       void bzero(void s[.n], size_t n);

       #include <string.h>

       void explicit_bzero(void s[.n], size_t n);


DESCRIPCIÓN
       The bzero()  function erases the data in the n bytes of the memory starting at the location pointed to by
       s, by writing zeros (bytes containing '\0') to that area.

       The explicit_bzero()  function performs the same task as bzero().  It differs from bzero()   in  that  it
       guarantees  that  compiler optimizations will not remove the erase operation if the compiler deduces that
       the operation is "unnecessary".


VALOR DEVUELTO
       Ninguna.


VERSIONES
       explicit_bzero() apareció por primera vez en la versión 2.25 de glibc.


ATRIBUTOS
       Para obtener una explicación de los términos usados en esta sección, véase attributes(7).

       ┌───────────────────────────────────────────────────────────────┬────────────────────┬───────────────────┐
       │InterfazAtributoValor             │
       ├───────────────────────────────────────────────────────────────┼────────────────────┼───────────────────┤
       │bzero(), explicit_bzero()                                      │ Seguridad del hilo │ Multi-hilo seguro │
       └───────────────────────────────────────────────────────────────┴────────────────────┴───────────────────┘


ESTÁNDARES
       The bzero()  function is deprecated (marked as LEGACY in POSIX.1-2001); use memset(3)  in  new  programs.
       POSIX.1-2008 removes the specification of bzero().  The bzero()  function first appeared in 4.3BSD.

       La   función  explicit_bzero()  es  una  extensión  no  estándar  presente  también  algunos  BSD.  Otras
       implementaciones incluyen funciones similares tales como memset_explicit() o memset_s().


NOTAS
       The explicit_bzero()  function addresses a problem that security-conscious applications may run into when
       using bzero(): if the compiler can deduce that the location to be zeroed will never again be touched by a
       correct program, then it may remove the bzero()  call altogether.  This is a problem if the intent of the
       bzero()  call was to erase sensitive data (e.g., passwords)  to prevent the possibility that the data was
       leaked by an incorrect or compromised program.  Calls to explicit_bzero()  are never  optimized  away  by
       the compiler.

       La  función  explicit_bzero()  no resuelve todos los problemas relacionados con el borrado de información
       sensible:

       •  The explicit_bzero()  function does not guarantee  that  sensitive  data  is  completely  erased  from
          memory.   (The  same is true of bzero().)  For example, there may be copies of the sensitive data in a
          register and in "scratch" stack areas.  The explicit_bzero()  function is not aware of  these  copies,
          and can't erase them.

       •  In  some  circumstances, explicit_bzero()  can decrease security.  If the compiler determined that the
          variable containing the sensitive data could be optimized to be stored in a register  (because  it  is
          small  enough  to fit in a register, and no operation other than the explicit_bzero()  call would need
          to take the address of the variable), then the explicit_bzero()  call will force the data to be copied
          from the register to a location in RAM that is then immediately erased (while the copy in the register
          remains unaffected).  The problem here is that data in RAM is more likely to be exposed by a bug  than
          data  in  a  register,  and  thus  the  explicit_bzero()   call  creates a brief time window where the
          sensitive data is more vulnerable than it would otherwise have been if no attempt  had  been  made  to
          erase the data.

       Note  that  declaring  the  sensitive  variable  with the volatile qualifier does not eliminate the above
       problems.  Indeed, it will make them worse, since, for example,  it  may  force  a  variable  that  would
       otherwise  have been optimized into a register to instead be maintained in (more vulnerable)  RAM for its
       entire lifetime.

       Notwithstanding the above  details,  for  security-conscious  applications,  using  explicit_bzero()   is
       generally  preferable  to  not  using  it.   The  developers  of explicit_bzero()  anticipate that future
       compilers will recognize calls to explicit_bzero()  and take steps to  ensure  that  all  copies  of  the
       sensitive data are erased, including copies in registers or in "scratch" stack areas.


VÉASE TAMBIÉN
       bstring(3), memset(3), swab(3)


TRADUCCIÓN
       La   traducción   al   español   de   esta   página   del   manual  fue  creada  por  Sebastian  Desimone
       <chipy@argenet.com.ar>, Cesar D. Lobejon <cesar@alien.mec.es>, Miguel Pérez Ibars <mpi79470@alu.um.es>  y
       Marcos Fouces <marcos@debian.org>

       Esta   traducción   es   documentación   libre;   lea   la   GNU   General   Public   License  Version  3
       ⟨https://www.gnu.org/licenses/gpl-3.0.html⟩ o posterior con respecto a las condiciones de copyright.   No
       existe NINGUNA RESPONSABILIDAD.

       Si  encuentra  algún  error  en  la  traducción  de esta página del manual, envíe un correo electrónico a
       ⟨debian-l10n-spanish@lists.debian.org⟩.