On Thu, Apr 10, 2014 at 12:46:23PM -0400, Salz, Rich wrote:

> We've been compiling -DOPENSSL_NO_BUF_FREELISTS forever.  Our
> only complaint is that the BUF is misspelled :)

Apparently, this introduces a problem when free() actually wipes
freed memory, rather than just putting it on the free list.  So
-DOPENSSL_NO_BUF_FREELISTS may not be sufficiently tested.

My vote, for what it is worth, is to not optimize on the assumption
of slow malloc/free by default.  Rather the default build should
let malloc/free manage all allocations.  If this uncovers latent
bugs they should be fixed.

In particular, testing should include malloc()/free() implementations
that overwrite freed and newly allocated memory with non-zero fill
bytes and test guard zones at the head and tail of each allocated
block.

If tests pass with such malloc()/free() implementations, then the
code is likely sound.  Production code would just use the system
malloc()/free(), or application-provided overrides.

-- 
        Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org
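
A minimal debugging allocator of the kind the message above asks for in test builds, as an added example that is not part of the original post and is not OpenSSL code. The names (dbg_malloc, dbg_check, dbg_free, HDR, fill), the fill values and the guard size are all assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stdlib.h>

#define GUARD_LEN  16    /* guard zone size per side (assumed; multiple of 16) */
#define GUARD_BYTE 0xA5  /* guard pattern (assumed value) */
#define ALLOC_FILL 0xCD  /* non-zero fill for new memory (assumed value) */
#define FREE_FILL  0xDD  /* non-zero fill for freed memory (assumed value) */

/* Layout: [dbg_hdr][head guard][n user bytes][tail guard]; union pads for alignment. */
typedef union { size_t size; long double pad; } dbg_hdr;
#define HDR(p) ((dbg_hdr *)((unsigned char *)(p) - GUARD_LEN - sizeof(dbg_hdr)))

/* Volatile stores so the compiler cannot drop the fill done just before free(). */
static void fill(volatile unsigned char *p, unsigned char v, size_t n) {
    while (n--) *p++ = v;
}

void *dbg_malloc(size_t n) {
    if (n > SIZE_MAX - sizeof(dbg_hdr) - 2 * GUARD_LEN) return NULL;
    unsigned char *raw = malloc(sizeof(dbg_hdr) + 2 * GUARD_LEN + n);
    if (raw == NULL) return NULL;
    ((dbg_hdr *)raw)->size = n;
    unsigned char *user = raw + sizeof(dbg_hdr) + GUARD_LEN;
    fill(user - GUARD_LEN, GUARD_BYTE, GUARD_LEN);  /* head guard */
    fill(user, ALLOC_FILL, n);      /* callers must not rely on zeroed memory */
    fill(user + n, GUARD_BYTE, GUARD_LEN);          /* tail guard */
    return user;
}

/* 0 = guards intact, -1 = head guard damaged (underrun), 1 = tail guard damaged. */
int dbg_check(const void *p) {
    const unsigned char *head = (const unsigned char *)p - GUARD_LEN;
    const unsigned char *tail = (const unsigned char *)p + HDR(p)->size;
    for (size_t i = 0; i < GUARD_LEN; i++) {
        if (head[i] != GUARD_BYTE) return -1;
        if (tail[i] != GUARD_BYTE) return 1;
    }
    return 0;
}

/* Checks guards, poisons the user bytes, releases the block; returns dbg_check(). */
int dbg_free(void *p) {
    if (p == NULL) return 0;
    int status = dbg_check(p);
    fill(p, FREE_FILL, HDR(p)->size);  /* reads after free now see 0xDD, not stale data */
    free(HDR(p));
    return status;
}
```

A test harness would route allocations through these functions and fail the run whenever dbg_free() returns non-zero.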
