[openssl-users] Initialising OpenSSL more than once - how do we handle this?

Michael Wojcik Michael.Wojcik at microfocus.com
Mon Jul 30 18:12:26 UTC 2018

> From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of Salz, Rich via openssl-users
> Sent: Monday, July 30, 2018 11:28

> > I never thought I'd see the day that someone would have to defend not leaking memory
> > in pivotal security code like openssl however

> To be accurate, it was a couple of people saying that memory leaks *on process exit* aren’t be a big deal.

And only singleton leaks, at that. But why sweat comprehension when there's an opportunity to be rude?

As for Jordan's objection: If you don't know the source of your "leaks", then I can't say I'm particularly impressed with a zero-"leak" policy. That amounts to "let's burn a lot of cycles during process termination, rather than understand what we're doing".

Michael Wojcik
Distinguished Engineer, Micro Focus

More information about the openssl-users mailing list