Use of custom memory allocators

Nikos Mavrogiannopoulos nmav at gnutls.org
Thu Dec 4 20:02:26 CET 2008


Werner Koch wrote:

>      This function registers FUNC_LOG as `logging handler', which means
>      that it will be called in case Libgcrypt wants to log a message.
>      This function may and should be used prior to calling
>      `gcry_check_version'.
> 
> This is so that problems during initialization can be logged.

Hello!
 Done!

> 
> The real problem however is the use of gcry_set_allocation_handler.
> This installs a new memory allocator defaulting to standard
> malloc/free.  Well, for an application using just gnutls this might not
> be a problem (unless in FIPS mode).  However if an application is using
> gnutls directly or indirectly (e.g. through openldap) and also making
> direct use of libgcrypt this will change the standard Libgcrypt memory
> allocators or those set by the actual application.  This is a security
> problem because by using a plain malloc and free it is not anymore
> guaranteed that all sensitive data is zeroed out as soon as needed.
> 
> If you really, really want to set other Libgcrypt allocation handlers,
> you need to do it in the above initialization block and before setting
> the finished flag.  (I'll add an extra sentence to the manual.)

To be honest I don't remember why this code is there. I recollect that
libgcrypt required to set those allocation functions and didn't work
otherwise but this was literally ages ago :) Can libgcrypt work without
setting the memory allocation functions?

regards,
Nikos
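
The handler-override problem discussed in this thread, as an added example that is not code from the thread, from libgcrypt or from gnutls: a toy model of a library with one process-global free handler, showing that a second caller replacing a wiping handler with a plain one leaves key bytes in released memory. Every name here is hypothetical, and the refusal of changes after initialization is this model's own guard for the ordering rule quoted above, not documented libgcrypt behaviour.

```c
#include <stdio.h>
#include <string.h>

/* Toy model, not libgcrypt's API: every name below is hypothetical. A bump
   arena stands in for the heap so released memory can be inspected safely. */
static unsigned char arena[256];
static size_t arena_used;
typedef void (*free_fn)(void *p, size_t n);

void wiping_free(void *p, size_t n) {
    volatile unsigned char *v = p;   /* volatile keeps the wipe from being elided */
    while (n--) *v++ = 0;
}
void plain_free(void *p, size_t n) { (void)p; (void)n; }  /* like free(): no wipe */

/* One handler slot per process, shared by every user of the library. */
static free_fn cur_free = wiping_free;
static int init_finished;

/* Guard assumed by this model: changes are refused once init has finished. */
int set_free_handler(free_fn f) {
    if (init_finished) return -1;
    cur_free = f;
    return 0;
}
void finish_init(void) { init_finished = 1; }
void reset_model(void) {
    memset(arena, 0, sizeof arena);
    arena_used = 0; cur_free = wiping_free; init_finished = 0;
}

/* Store a constructed key, release it, count key bytes left in memory. */
size_t residue_after_release(void) {
    static const char key[] = "constructed-secret-key";
    size_t n = sizeof key, left = 0;
    if (n > sizeof arena - arena_used) return (size_t)-1;
    unsigned char *p = arena + arena_used;
    arena_used += n;
    memcpy(p, key, n);
    cur_free(p, n);
    for (size_t i = 0; i < n; i++) left += (p[i] != 0);
    return left;
}

int main(void) {
    reset_model(); set_free_handler(plain_free);  /* a second library overrides the wipe */
    printf("after override: %zu key bytes left\n", residue_after_release());
    return 0;
}
```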


