[openssl-dev] Seeking feedback on some #ifdef changes

Hanno Böck hanno at hboeck.de
Tue Jan 27 11:30:45 UTC 2015


Hello,

On Fri, 23 Jan 2015 19:11:35 +0000
"Salz, Rich" <rsalz at akamai.com> wrote:

> OPENSSL_NO_BUF_FREELISTS

As far as I remember the post-heartbleed discussions this disables an
openssl-own memory management which in the case of heartbleed
circumvented memory protection measures like address sanitizer.

What's the plan here? Replace openssl's own memory management by
default with "standard" memory management calls or is the plan to
disable the possibility to have standard memory management at all?
If the latter I'd vote against removing that flag.

cu,
-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno at hboeck.de
GPG: BBB51E42
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150127/b29b536d/attachment.sig>


More information about the openssl-dev mailing list