Only if it's accessed at least once in each page (4K), AIUI.

radarsat1 · on June 21, 2017

Right. If I simply zero the memory with `memset` then I guess it should be ok.

clarry · on June 21, 2017

Unless the compiler decides that zeroing the memory doesn't do anything useful and optimizes it out.

astrange · on June 22, 2017

Initializing your stack buffer probably does count as something useful, but in case it doesn't, try memset_s(3).

mnarayan01 · on June 21, 2017

No: See http://en.cppreference.com/w/c/string/byte/memset#Notes -- if you don't read from it, the call may be optimized away.

dom0 · on June 21, 2017

Like my brethren say it's probably a good idea to use a "secure" memset that won't have an accident ^W ^W ^W be optimized out.

loeg · on June 22, 2017

Or keep >4kB objects off stack.

radarsat1 · on June 22, 2017

I mean, that's probably a good practice. In my case I sort of had this idea that largish objects should be placed on the heap but I couldn't really figure out a good reason why, or what the limit should be, so I guess this vuln proposes both a reason and that the page limit is a good threshold.