libgcrypt and patches again

Christian Grothoff christian at grothoff.org
Tue Oct 11 16:00:24 CEST 2005


On Tuesday 11 October 2005 03:25, Nikos Mavrogiannopoulos wrote:
> On Tuesday 11 October 2005 12:06, Werner Koch wrote:
> > > implementation errors is a strange way to build security relevant
> > > software. Securely freeing and cleaning resources is usually an
> > > important part of cryptographic software solutions.
> >
> > Please understand that these are one time allocations. Consider them
> > part of the DSO loading process.
>
> I tend to agree with Dirk on that matter. If a program uses 10 shared
> libraries that do not deallocate their resources, checking for memory leaks
> in the program is a disaster.

I also agree with Dirk.  In particular I am thinking of problems that would 
occur if the library is loaded and unloaded repeatedly (dlopen/dlclose), 
causing the malloc'ed memory to live on.  Now, Dirk's explicit shutdown-call 
might not be the best choice in this context, maybe a destructor / _fini_ / 
whatever that is automatically triggered by the linker (ideally paired with a 
matching constructor that does the allocation) would be the perfect solution 
in my opinion.

my 2 cents

Christian
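
The constructor/destructor pairing suggested in the message above, as an added example that is not part of the original post and is not libgcrypt code: the GCC/Clang `constructor` and `destructor` attributes tie a library's one-time allocation to load and unload (including dlopen/dlclose), and the buffer is wiped before it is freed. The names `pool_init`, `pool_fini`, `wipe` and `POOL_SIZE` are hypothetical.

```c
/* Added example: hypothetical names, not libgcrypt's API. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define POOL_SIZE 4096              /* assumed size of the one-time allocation */

static unsigned char *pool;         /* state owned by the shared object */
static int init_calls, fini_calls;  /* counters so the pairing can be checked */

/* Zero through a volatile pointer so the stores are not removed as dead
   writes ahead of free(). */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--)
        *v++ = 0;
}

/* Runs when the object is loaded (program start or dlopen). */
__attribute__((constructor))
static void pool_init(void)
{
    if (pool)
        return;                     /* already initialised */
    pool = malloc(POOL_SIZE);
    if (pool) {                     /* on failure pool stays NULL */
        memset(pool, 0, POOL_SIZE);
        init_calls++;
    }
}

/* Runs when the object is unloaded (dlclose or exit). Idempotent, so an
   explicit shutdown call followed by the automatic one is harmless. */
__attribute__((destructor))
static void pool_fini(void)
{
    if (!pool)
        return;
    wipe(pool, POOL_SIZE);          /* clear any sensitive contents first */
    free(pool);
    pool = NULL;
    fini_calls++;
}

static int pool_is_live(void) { return pool != NULL; }

int main(void)
{
    printf("live=%d init=%d fini=%d\n", pool_is_live(), init_calls, fini_calls);
    return 0;
}
```

Built into a shared object, each dlopen/dlclose cycle runs one `pool_init`/`pool_fini` pair, so repeated loading does not accumulate allocations.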



More information about the Gcrypt-devel mailing list