[PATCH] Erase memory before freeing.
Ben Kibbey
bjk at luxsci.net
Tue Aug 2 01:41:23 CEST 2016
On Mon, Aug 01, 2016 at 12:15:31PM +0200, Justus Winter wrote:
> Hi :)
>
> Ben Kibbey <bjk at luxsci.net> writes:
>
> > * src/mem.h: New.
>
> Looks like you forgot to add this file.
Sure did. Oops. :)
> > +static struct mem_item_s *memlist;
>
> I wonder if a list is the right data structure. Linear lookup time
> feels expensive.
I thought this too. I haven't done any benchmarks but the list is
prepended to so it comforms with most de/allocations as LIFO. I also
don't khow how else to do it without requiring a realloc of a mem_item_s
which would corrupt pointers for .next. Any ideas?
> > + p = malloc (n);
> > + if (!p)
> > + return NULL;
> > +
> > + item = malloc (sizeof (struct mem_item_s));
>
> I'd suggest to allocate both in one chunk. That makes the error handling
> simpler, decreases pressure on the allocator and increases locality.
See above.
> > + LOCK (memlist_lock);
> > + item = find_memlist_item (p, 0);
> > + if (!item)
>
> I'm confused, shouldn't that be
>
> if (p == NULL) return _gpgme_assuan_malloc (n);
> item = find_memlist_item (p, 0);
> assert (item);
>
> instead ?
Yes. Thanks!
>
> > + {
> > + UNLOCK (memlist_lock);
> > + return _gpgme_assuan_malloc (n);
> > + }
> > +
> > + tmp = _gpgme_assuan_malloc (n);
>
> Can't we just use realloc here? And if not for some reason, please
> don't look newitem up like this, instead create a variant of
> _gpgme_assuan_malloc that returns the item.
Needed to wipe item->data. Not sure how to do both wiping item->data
and realloc'ing.
Attached is the revised patch. Suggestions welcome. Also, Werner
mentioned some time ago he'd like to add allocaters to gpg-error to
replace the "hooks" in libassuan and others. Not sure if anyone has
started that or not.
Thanks for the review.
--
Ben Kibbey
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Erase-memory-before-freeing.patch
Type: text/x-diff
Size: 7658 bytes
Desc: not available
URL: </pipermail/attachments/20160801/b7badf77/attachment-0001.patch>
More information about the Gnupg-devel
mailing list