In message <[EMAIL PROTECTED]> on Tue, 2 Dec 2003 10:40:16 -0500, Geoff Thorpe <[EMAIL PROTECTED]> said:
geoff> Well I think "plain paranoia" is better placed in locations like the geoff> BN_DEBUG[_RAND] macros followed by the prudent use of self-tests, geoff> valgrind, etc. When I do that "second sweep" I spoke of before, I will geoff> try pick up on this and things like it. IMHO we're better to convert geoff> those (words+1) occurances back to (words) and use debugging to watch for geoff> overruns, ie. to fix the cause rather than the symptom. Allocating excess geoff> data solves off-by-one only on the assumption that off-by-n for n>1 will geoff> never occur, and of course this also introduces bloat whenever "words" is geoff> some nicely block-aligned value that we then screw up with an increment. geoff> This is analogous to the bn_fix_top() nonsense we had before, where geoff> fix-up macros were smeared liberally all over the place so that buggy geoff> behaviour was "hidden well enough". Any paranoia that hides bugs is doing geoff> us no good. Oh, I entirely agree with what you say. This is, for the larger part, things that remain since the SSLeay days, and I didn't dare change too much when I did that constification run a couple of years ago... I very grateful for the work you're doing. ----- Please consider sponsoring my work on free software. See http://www.free.lp.se/sponsoring.html for details. You don't have to be rich, a $10 donation is appreciated! -- Richard Levitte \ Tunnlandsvägen 3 \ [EMAIL PROTECTED] [EMAIL PROTECTED] \ S-168 36 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See <http://www.stacken.kth.se/~levitte/mail/> for more info. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
