explicit_memset —
guarantee writing a byte to a byte string
Standard C Library (libc, -lc)
#include <string.h>
void *
  
  explicit_memset(void
    *b, int c,
    size_t len);
The explicit_memset() function writes
  len bytes of value c (converted to
  an unsigned char) to the string b. It is guaranteed not
  to be optimized away by the compiler even if b is no
  longer used and is about to be freed or go out of scope.
The explicit_memset() function returns the original
  value of b.
Create a buffer on the stack for a secret key, use it, and then zero it in
  memory before throwing it away.
void
f(void)
{
	uint8_t key[32];
	crypto_random(key, sizeof(key));
	do_crypto_stuff(key, sizeof(key));
	...
	explicit_memset(key, 0, sizeof(key));
}
 
The explicit_memset() function appeared in
  NetBSD 7.0.