diff --git a/crypto/mem.c b/crypto/mem.c
index 639de3224..7b36bfb84 100644
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -125,6 +125,16 @@ WEAK_SYMBOL_FUNC(void*, OPENSSL_memory_alloc, (size_t size));
 WEAK_SYMBOL_FUNC(void, OPENSSL_memory_free, (void *ptr));
 WEAK_SYMBOL_FUNC(size_t, OPENSSL_memory_get_size, (void *ptr));
 
+// kBoringSSLBinaryTag is a distinctive byte sequence to identify binaries that
+// are linking in BoringSSL and, roughly, what version they are using.
+static const uint8_t kBoringSSLBinaryTag[18] = {
+    // 16 bytes of magic tag.
+    0x8c, 0x62, 0x20, 0x0b, 0xd2, 0xa0, 0x72, 0x58,
+    0x44, 0xa8, 0x96, 0x69, 0xad, 0x55, 0x7e, 0xec,
+    // Current source iteration. Incremented ~monthly.
+    1, 0,
+};
+
 void *OPENSSL_malloc(size_t size) {
   if (OPENSSL_memory_alloc != NULL) {
     assert(OPENSSL_memory_free != NULL);
@@ -133,6 +143,14 @@ void *OPENSSL_malloc(size_t size) {
   }
 
   if (size + OPENSSL_MALLOC_PREFIX < size) {
+    // |OPENSSL_malloc| is a central function in BoringSSL thus a reference to
+    // |kBoringSSLBinaryTag| is created here so that the tag isn't discarded by
+    // the linker. The following is sufficient to stop GCC, Clang, and MSVC
+    // optimising away the reference at the time of writing. Since this
+    // probably results in an actual memory reference, it is put in this very
+    // rare code path.
+    uint8_t unused = *(volatile uint8_t *)kBoringSSLBinaryTag;
+    (void) unused;
     return NULL;
   }