Hi Jakob,

> Veering off topic here ...
> ...
> > The heartbleed bug wouldn't have had such a devastating effect if they
> > wouldn't have implemented their own memory management.
> ...
>  - test on other memory allocators. Just to ensure conformance.
> ...
> I have no problem with the strategy to for instance use a custom
> allocator with an unsecure default allocator, but defaulting to the
> system allocator on good platforms like OpenBSD.

While I enjoyed your rant very much, I must mention that according to what
I heard about the heartbleed bug, it is not the fault of the memory
allocator.

The bug happened because the _sizes_ of incoming and outgoing data were
not handled correctly:

1. Incoming packet says it is 64k, but in fact is only one byte.
2. The single byte is written to the buffer (here the receiver _must_
   know the size independently of what the packet tells).
3. The reply sends all 64k from the buffer, using the wrong value from
   the packet instead of its known count of written bytes.

For this scenario, it would not help if the buffer were allocated by
another memory manager, or even be static.

♪♫ Alex
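
The three steps listed in the message above, as an added example that is not part of the original message and not OpenSSL code. The record layout (2-byte big-endian claimed length, then payload), the 64-byte static buffer and all function names are assumptions chosen for illustration, with small constructed lengths in place of 64k.

```c
#include <stdint.h>
#include <string.h>

#define BUF_SIZE 64                 /* static buffer, reused across requests */
static uint8_t buf[BUF_SIZE];

/* Assumed record layout: 2-byte big-endian claimed length, then payload. */
static size_t claimed_len(const uint8_t *r) { return ((size_t)r[0] << 8) | r[1]; }

/* Step 2: store the payload and return the count of bytes actually written. */
static size_t store_payload(const uint8_t *rec, size_t rec_len) {
    size_t actual = rec_len - 2;    /* known independently of the header */
    if (actual > BUF_SIZE) actual = BUF_SIZE;
    memcpy(buf, rec + 2, actual);
    return actual;
}

/* Flawed step 3: the reply length is taken from the packet header. */
long reply_trusting_header(const uint8_t *rec, size_t rec_len, uint8_t *out) {
    if (rec_len < 2) return -1;
    store_payload(rec, rec_len);
    size_t n = claimed_len(rec);
    if (n > BUF_SIZE) n = BUF_SIZE; /* clamp only to keep this demo in bounds */
    memcpy(out, buf, n);            /* copies stale bytes past the payload */
    return (long)n;
}

/* Corrected step 3: drop a record whose header exceeds the written count. */
long reply_checked(const uint8_t *rec, size_t rec_len, uint8_t *out) {
    if (rec_len < 2) return -1;
    size_t actual = store_payload(rec, rec_len);
    size_t n = claimed_len(rec);
    if (n > actual) return -1;      /* claimed size disagrees with reality */
    memcpy(out, buf, n);
    return (long)n;
}

/* Constructed demo: returns 1 if bytes of request A show up in the reply to B. */
int demo_leak(void) {
    const uint8_t a[] = {0, 6, 's', 'e', 'c', 'r', 'e', 't'}; /* honest record */
    const uint8_t b[] = {0, 6, 'x'};          /* claims 6 bytes, carries 1 */
    uint8_t out[BUF_SIZE];
    reply_checked(a, sizeof a, out);          /* leaves "secret" in buf */
    long n = reply_trusting_header(b, sizeof b, out);
    return n == 6 && memcmp(out, "xecret", 6) == 0;
}

int main(void) { return demo_leak() ? 0 : 1; }
```

The leak occurs even though the buffer is static and no allocator is involved; only the comparison of the claimed length against the written count prevents it.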