Easy patch for constification

ZIGLIO, Frediano, VF-IT Frediano.Ziglio at vodafone.com
Thu Dec 22 10:32:54 CET 2005


Patch attached add many const specifier on ciphers. Constification can
improve performance cause it add some informations to compiler and also
can save you in case of corruption of memory transforming some potential
buffer overflows to DoS.

Some questions about code:
- why are selftests always compiled in ? IMHO is better to make tests
before installing and remove them from final installed code
- gcry_cipher_spec contains a lot of not constant fields. Is this
expected or just for back compatibility? Is expected that for instance
someone can change aliases or oids ?
- module deallocation (like ciphers_registered) is not handled. This can
be a problem in environment where libgcrypt is loaded and unloaded
dynamically leading to memory leaks

Regards,
  Frediano Ziglio
-------------- next part --------------
A non-text attachment was scrubbed...
Name: libgcrypt.diff.gz
Type: application/x-gzip
Size: 10328 bytes
Desc: libgcrypt.diff.gz
Url : /pipermail/attachments/20051222/f944c993/libgcrypt.diff.bin


More information about the Gcrypt-devel mailing list