On Thu, Apr 10, 2014 at 9:08 PM, Viktor Dukhovni <[email protected]> wrote:
> On Thu, Apr 10, 2014 at 12:46:23PM -0400, Salz, Rich wrote:
>
>> We've been compiling -DOPENSSL_NO_BUF_FREELISTS forever. Our
>> only complaint is that the BUF is misspelled :)
>
> Apparently, this introduces a problem when free() actually wipes
> freed memory, rather than just putting it on the free list. So
> -DOPENSSL_NO_BUF_FREELISTS may not be sufficiently tested.
>
> My vote, for what it is worth, is to not optimize on the assumption
> of slow malloc/free by default. Rather the default build should
> let malloc/free manage all allocations. If this uncovers latent
> bugs they should be fixed.
>
> In particular, testing should include malloc()/free() implementations
> that overwrite freed and newly allocated memory with non-zero fill
> bytes and test guard zones at the head and tail of each allocated
> block.
>
> If tests pass with such malloc()/free() implementations, then the
> code is likely sound. Production code would just use the system
> malloc()/free(), or application-provided overrides.

Or alternatively, steal parts of OpenBSD's malloc :p ?

>
> --
> Viktor.
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> Development Mailing List [email protected]
> Automated List Manager [email protected]

--
This message is strictly personal and the opinions expressed do not
represent those of my employers, either past or present.
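
An added illustration, not part of the thread and not OpenSSL code: a minimal debugging allocator of the kind the quoted message asks tests to run against, filling newly allocated and freed memory with non-zero bytes and checking guard zones at the head and tail of each block. The names dbg_malloc, dbg_check and dbg_free, the block layout and the fill values are assumptions made for this example.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Assumed layout: [size header][head guard][user data][tail guard] */
#define HDR_LEN    16    /* holds the requested size, keeps user data aligned */
#define GUARD_LEN  16    /* bytes of guard zone on each side */
#define GUARD_BYTE 0xA5  /* guard zone pattern */
#define ALLOC_FILL 0xCD  /* non-zero fill for newly allocated memory */
#define FREE_FILL  0xDD  /* non-zero fill for freed memory */

static int guard_ok(const unsigned char *g) {
    for (size_t i = 0; i < GUARD_LEN; i++)
        if (g[i] != GUARD_BYTE) return 0;
    return 1;
}

void *dbg_malloc(size_t n) {
    if (n > SIZE_MAX - HDR_LEN - 2 * GUARD_LEN) return NULL;
    unsigned char *raw = malloc(HDR_LEN + 2 * GUARD_LEN + n);
    if (raw == NULL) return NULL;
    memcpy(raw, &n, sizeof n);                        /* remember the size */
    memset(raw + HDR_LEN, GUARD_BYTE, GUARD_LEN);     /* head guard */
    memset(raw + HDR_LEN + GUARD_LEN, ALLOC_FILL, n); /* never hand out zeros */
    memset(raw + HDR_LEN + GUARD_LEN + n, GUARD_BYTE, GUARD_LEN); /* tail guard */
    return raw + HDR_LEN + GUARD_LEN;
}

/* 0 = guards intact, -1 = head guard damaged, 1 = tail guard damaged */
int dbg_check(const void *p) {
    const unsigned char *user = p;
    size_t n;
    memcpy(&n, user - GUARD_LEN - HDR_LEN, sizeof n);
    if (!guard_ok(user - GUARD_LEN)) return -1;
    if (!guard_ok(user + n)) return 1;
    return 0;
}

/* Check guards, poison the block, release it; returns the dbg_check result. */
int dbg_free(void *p) {
    if (p == NULL) return 0;
    int status = dbg_check(p);
    size_t n;
    memcpy(&n, (unsigned char *)p - GUARD_LEN - HDR_LEN, sizeof n);
    volatile unsigned char *v = p;  /* volatile so the fill is not optimized away */
    /* A damaged head guard may mean a damaged size header, so skip the fill then. */
    for (size_t i = 0; status != -1 && i < n; i++) v[i] = FREE_FILL;
    free((unsigned char *)p - GUARD_LEN - HDR_LEN);
    return status;
}
```

A test harness would normally abort on a non-zero status from dbg_free rather than continue; the status is returned here so the caller can decide.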
