On Wed Aug 17 18:16:41 2016, bmor...@mortoninsights.com wrote: > That doesn't sound like an ideal case for a bugfix. Any other creative > ideas on how to fix this one? Some suggestions I read previously included > adding support for streaming decode to avoid such a large memory > allocation. This may not easily be feasible because of needing to verify > signatures on the message. >
A streaming decode is one option but this is far from a trivial undertaking, Verifying signatures would be handled on the fly but you'll only know the signature is valid after all content has been processed of course. > If not, I'll try out the size_t change. > This is a significant job too. There is a major knock on effect with several APIs so it's not just a case of changing a few structures or we'd have done it already. It is planned for a future release though. As RIch mentioned one of the key structures has a dependency on int which is often 32 bits even on 64 bit systems. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4651 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev