On Thu, 10 Apr 2014 17:49:52 +0200 Carlos Alberto Lopez Perez <clo...@igalia.com> wrote:
> What's the stance of openssl developers on this? Will you get rid of > this wrapper? What would make even more sense: Build openssl with a safe malloc implementation. I've no idea how practical this is, but there's something called Softbound CETS: http://www.cs.rutgers.edu/~santosh.nagarakatte/softbound/ There was a talk on 30c3: http://media.ccc.de/browse/congress/2013/30C3_-_5412_-_en_-_saal_1_-_201312271830_-_bug_class_genocide_-_andreas_bogk.html I think this is basically what we should have for SSL implementations. -- Hanno Böck http://hboeck.de/ mail/jabber: ha...@hboeck.de GPG: BBB51E42
signature.asc
Description: PGP signature
