diff --git a/library/platform_util.c b/library/platform_util.c
index 63b7c4152e..d4574f459e 100644
--- a/library/platform_util.c
+++ b/library/platform_util.c
@@ -125,6 +125,15 @@ void mbedtls_platform_zeroize(void *buf, size_t len)
         SecureZeroMemory(buf, len);
 #else
         memset_func(buf, 0, len);
+#endif
+
+#if defined(__GNUC__)
+        /* For clang and gcc, pretend that we have some assembly that reads the
+         * zero'd memory as an additional protection against being optimised away. */
+#pragma clang diagnostic push
+#pragma clang diagnostic ignored "-Wvla"
+        asm volatile ("" : : "m" (*(char (*)[len]) buf) : );
+#pragma clang diagnostic pop
 #endif
     }
 }