[openssl-users] Cleanup and changing the malloc routines
jb-openssl at wisemo.com
Thu Sep 3 14:54:35 UTC 2015
On 03/09/2015 04:38, Salz, Rich wrote:
> We are considering a big cleanup to the memory-allocation API’s in the
> next release.
> Please take a look at the attached documentation, which describes
> **ALL** of the public functions, and let us know if it will cause a
A few practical notes:
1. I trust that functions to allocate specific data
types (such as bignums) are not changed by this.
2. Macros that take zero arguments (such as
"OPENSSL_malloc_init()") are not accepted by all
compilers. In my own API designs this has forced
me to give such macros a dummy argument (which is
never used, it just pleases the preprocessor).
3. When compiling without compile-time debug flags,
the various debug arguments should not be passed
(or otherwise referenced) by the macros, avoiding
a bunch of "foo.c" and line number values from
filling up the compiled binary. Something like
    /* with compile-time debug flags: */
    #define OPENSSL_malloc(num) (CRYPTO_malloc(num, __FILE__, __LINE__))
    /* without them, either: */
    #define OPENSSL_malloc(num) (CRYPTO_malloc(num, NULL, 0))
    /* or: */
    #define OPENSSL_malloc(num) (CRYPTO_malloc_nodbg(num))
4. For the basic functions (not the callbacks), there
seems to be no reason not to change to size_t now.
5. Given the huge number of backward incompatibilities
in OpenSSL 1.1.x, this seems a good time to change to
size_t in the callbacks too.
6. Maybe there should be an alternate get/set_mem_functions
with non-linenumber callbacks (behind the scenes, either
would set the other callbacks to stubs that add/remove
the extra args, the initial defaults would be direct for
speed and to support the "defer to default implementation"
7. Maybe the get/set_mem_functions (in their debug
variant) should also be able to change the backend for
8. For readability, defines with omitted (opaque)
definitions should be documented with elided args such
as #define OPENSSL_malloc(num) ... and
#define CRYPTO_MEM_CHECK_ON 0x... to indicate that they
do not (typically) expand to nothing/typically do expand
to a numeric constant
9. Typo: "pointers for with the current functions"
10. It would be helpful to clarify which older functions are
getting removed. It's a bit like reading a patch without
the removed lines. Kind of impossible to tell what you
propose to remove.
Enjoy (NOT A CONTRIBUTION)
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
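
Notes 3 and 6 of the message above, sketched as an added C example; it is not part of the original message and not OpenSSL code. Every DEMO_/demo_ name and the DEMO_MEM_DEBUG flag are hypothetical.

```c
#include <stdlib.h>

/* Hypothetical DEMO_/demo_ names; this is not OpenSSL's API. */
typedef void *(*plain_fn)(size_t num);
typedef void *(*dbg_fn)(size_t num, const char *file, int line);
static void *default_plain(size_t num) { return malloc(num); }
static void *default_dbg(size_t num, const char *file, int line)
{ (void)file; (void)line; return malloc(num); }
/* Initial defaults are direct calls, with no stub in the path. */
static plain_fn cur_plain = default_plain, user_plain;
static dbg_fn cur_dbg = default_dbg, user_dbg;

/* Stubs that add or drop the extra arguments (note 6). */
static void *plain_via_dbg(size_t num) { return user_dbg(num, NULL, 0); }
static void *dbg_via_plain(size_t num, const char *file, int line)
{ (void)file; (void)line; return user_plain(num); }

/* Setting one flavour points the other at its stub; NULL restores defaults. */
void demo_set_plain(plain_fn f) {
    user_plain = f;
    cur_plain = f ? f : default_plain;
    cur_dbg = f ? dbg_via_plain : default_dbg;
}
void demo_set_dbg(dbg_fn f) {
    user_dbg = f;
    cur_dbg = f ? f : default_dbg;
    cur_plain = f ? plain_via_dbg : default_plain;
}
void *demo_malloc_nodbg(size_t num) { return cur_plain(num); }
void *demo_malloc_dbg(size_t num, const char *file, int line)
{ return cur_dbg(num, file, line); }

/* Note 3: only a debug build references __FILE__ and __LINE__. */
#ifdef DEMO_MEM_DEBUG
# define DEMO_malloc(num) demo_malloc_dbg((num), __FILE__, __LINE__)
#else
# define DEMO_malloc(num) demo_malloc_nodbg(num)
#endif

/* Constructed sample callback: records the line number it was handed. */
static int seen_line = -1;
static void *sample_dbg(size_t num, const char *file, int line)
{ (void)file; seen_line = line; return malloc(num); }

int main(void) {
    demo_set_dbg(sample_dbg);
    free(DEMO_malloc(16));
    return seen_line < 0; /* exit 0 once the callback has been reached */
}
```

Built without -DDEMO_MEM_DEBUG, the object file carries no source file name from DEMO_malloc call sites, and a registered debug callback still sees every allocation, with NULL and 0 in place of file and line.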