[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

DNSSEC?

Subject: DNSSEC?
From: marka at isc.org (Mark Andrews)
Date: Sat, 12 Apr 2014 16:22:20 +1000
In-reply-to: Your message of "Sat, 12 Apr 2014 00:45:20 -0500." <CAAAwwbXZwAwR0wOc-oPRrq+J_+=yBTtRsGPQ-RGQB-k_6UYU2Q@mail.gmail.com>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <CAAAwwbXZwAwR0wOc-oPRrq+J_+=yBTtRsGPQ-RGQB-k_6UYU2Q@mail.gmail.com>

Don't think for one second that using malloc directly would have
saved OpenSSL here.  By default malloc does not zero freed memory
it returns.  It is a feature that needs to be enabled.  If OpenSSL
wanted to zero memory it was returning could have done that itself.

The only difference is that *some* malloc implementations examine
the envionment and change their behaviour based on that.

That OpenSSL used its own memory allocator was a problem does not
stand up to rigourous analysis.

Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

Follow-Ups:
- DNSSEC?
  - From: ag4ve.us at gmail.com (shawn wilson)

References:
- DNSSEC?
  - From: bzs at world.std.com (Barry Shein)
- DNSSEC?
  - From: cma at cmadams.net (Chris Adams)
- DNSSEC?
  - From: cabo at tzi.org (Carsten Bormann)
- DNSSEC?
  - From: mpalmer at hezmatt.org (Matt Palmer)
- DNSSEC?
  - From: rdrake at direcpath.com (Robert Drake)
- DNSSEC?
  - From: mysidia at gmail.com (Jimmy Hess)

Prev by Date: Heartbleed operational details
Next by Date: [[Infowarrior] - NSA Said to Have Used Heartbleed Bug for Years]
Previous by thread: DNSSEC?
Next by thread: DNSSEC?
Index(es):
- Date
- Thread