better way to zero away sensitive data

memset could be optimized away by the compiler

diff --git a/ext/standard/php_crypt_r.c b/ext/standard/php_crypt_r.c
index 3098f247ef7c4a50e9237d231412732e6dfcb73e..4917ebce2fb7e970ba55e3170e45fc8acedd7b8d 100644 (file)
--- a/ext/standard/php_crypt_r.c
+++ b/ext/standard/php_crypt_r.c
@@ -206,7 +206,7 @@ char * php_md5_crypt_r(const char *pw, const char *salt, char *out) {
        }
 
        /* Don't leave anything around in vm they could use. */
-       memset(final, 0, sizeof(final));
+       RtlSecureZeroMemory(final, sizeof(final));
 
        /* Then something really weird... */
        for (i = pwl; i != 0; i >>= 1) {
@@ -288,7 +288,7 @@ char * php_md5_crypt_r(const char *pw, const char *salt, char *out) {
 
        *p = '\0';
 
-       memset(final, 0, sizeof(final));
+       RtlSecureZeroMemory(final, sizeof(final));
 
 
 _destroyCtx1: