Richard Levitte - VMS Whacker wrote:
> 
> From: Jeffrey Altman <[EMAIL PROTECTED]>
> 
> jaltman> This is indeed a serious problem.  Every structure that is needed by
> jaltman> the library should be allocated as dynamic memory.  X509_STORE_CTX
> jaltman> should be declared as something like
> jaltman>
> jaltman>   typedef struct _x509_store_ctx * X509_STORE_CTX;
> jaltman>
> jaltman> so that
> jaltman>
> jaltman>   X509_STORE_CTX_init(&ctx,...);
> 
> I agree that going for dynamic memory is the right thing to do.
> However, I don't believe the method above is a good one.  Why?
> Because it's aimed at making the transition as painless as possible,
> and will lead to memory hogs among the programs whose authors don't
> pay enough attention.  If we change the behavior, let's change the
> API while we're at it, so it won't go unnoticed!
> 

Yes, changing the structures to pointers to structures was one idea I
thought of. As you say there is a possibility for memory leaks. Currently
you can call EVP_DigestInit() for example when a digest operation is
abandoned without ever calling EVP_DigestFinal() with no ill effects.
You'd get leaks if you did that with the above system.

Another more radical approach would be to add an abstraction layer that
doesn't expose the structures themselves at an application layer and
instead refers to them indirectly as "handles". This would avoid many
problems in the current setup: such as crashing when fed invalid
pointers and applications messing round in structure internals in non
portable ways. However, it's a big change.

Steve.
-- 
Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED] 
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the   OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]