Use of custom memory allocators
nmav at gnutls.org
Thu Dec 4 20:02:26 CET 2008
Werner Koch wrote:
> This function registers FUNC_LOG as `logging handler', which means
> that it will be called in case Libgcrypt wants to log a message.
> This function may and should be used prior to calling
> This is so that problems during initializaion can be logged.
> The real problem however is the use of gcry_set_allocation_handler.
> This installs a new memory allocator defaulting to to standard
> malloc/free. Well, for an application using just gnutls this might not
> be a problem (unless in FIPS mode). However if an application is using
> gnutls directly or indirectly (e.g. through openldap) and also making
> direct use of libgcrypt this will change the standard Libgcrypt memory
> allocators or those set by the actual application. This is a security
> problem because by using a plain malloc and free it is not anymore
> guaranteed that all sensitive data is zeroes out as soon as needed.
> If you really, really want to set other Libgcrypt allocation handlers,
> you need to do it in the above initalization block and before setting
> the finished flag. (I'll add an extra sentence to the manual.)
To be honest I don't remember why is this code there. I recollect that
libgcrypt required to set those allocation functions and didn't work
otherwise but this was literally ages ago :) Can libgcrypt work without
setting the memory allocation functions?
More information about the Gcrypt-devel