...
NOTE: It is possible that the call to memset() in this example will be optimized out, although casting new secret as a volatile character should prevent this (see MSC06-C. Ensure that Be aware of compiler optimization when dealing with sensitive data is not written out to disk). Be very careful to ensure that any sensitive data is actually cleared from memory.
...