Hello!

I'm sorry in advance if I'm asking stupid questions; this is my first time dealing with a development list, so please excuse me if something is wrong with this message...

I'm pretty interested in the OpenSSH codebase, and a couple of questions arose while I was investigating it, and I guess this is the place where I can find answers.

1. There are a lot of allocations, even for short-lived objects like sshbufs and sshkeys. Creating an sshbuf always requires at least one allocation, two allocations if it is created with sshbuf_new(). There are a lot of times when they are allocated and freed within the same function. Same thing with bitmaps. What is the reason behind not allocating them on the stack?

2. A lot of stuff in sshbuf's functions is checked against max_size. What is the reason behind setting the max_size in the first place? If an sshbuf instance is not read-only and doesn't have children, why can it not allocate more memory than its max_size?

3. There are a lot of very defensive checks in sshbuf code. A lot (if not all) of sshbuf_* functions that take a pointer to another sshbuf first check it with sshbuf_check_sanity(). As far as I understand, an sshbuf object cannot become insane since all its functions preserve all invariants. It also cannot become insane through client code, since its members are hidden.

4. What is the reason behind not implementing sshkey as a tagged union? I mean encapsulating all key-type-specific mutually exclusive members in a union type, which will be embedded in struct sshkey, and accessed with checks against key type.

Again, sorry if those are noob questions. I would be grateful if someone would give me any insight.
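
The layout described in question 4, as an added example that is not part of the original message and is not OpenSSH code: a tagged union whose members are reached only through accessors that check the key type. All `demo_*` names and the two key payloads are hypothetical.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical key types and payloads; NOT OpenSSH's struct sshkey. */
enum demo_key_type { DEMO_KEY_RSA, DEMO_KEY_ED25519 };
struct demo_rsa     { uint32_t bits; };
struct demo_ed25519 { uint8_t pk[32]; };

struct demo_key {
    enum demo_key_type type;          /* tag: selects the live union member */
    union {
        struct demo_rsa     rsa;
        struct demo_ed25519 ed25519;
    } u;                              /* members are mutually exclusive */
};

/* Checked accessors: return NULL unless the tag matches the member. */
struct demo_rsa *demo_key_rsa(struct demo_key *k)
{
    return (k != NULL && k->type == DEMO_KEY_RSA) ? &k->u.rsa : NULL;
}

struct demo_ed25519 *demo_key_ed25519(struct demo_key *k)
{
    return (k != NULL && k->type == DEMO_KEY_ED25519) ? &k->u.ed25519 : NULL;
}

/* Initialisers set tag and payload together so they cannot disagree. */
void demo_key_init_rsa(struct demo_key *k, uint32_t bits)
{
    memset(k, 0, sizeof(*k));
    k->type = DEMO_KEY_RSA;
    k->u.rsa.bits = bits;
}

void demo_key_init_ed25519(struct demo_key *k, const uint8_t pk[32])
{
    memset(k, 0, sizeof(*k));
    k->type = DEMO_KEY_ED25519;
    memcpy(k->u.ed25519.pk, pk, sizeof(k->u.ed25519.pk));
}

int main(void)
{
    struct demo_key k;                /* lives on the stack, no malloc */
    demo_key_init_rsa(&k, 3072);
    /* Wrong-type access is refused instead of reinterpreting the bytes. */
    return (demo_key_rsa(&k) != NULL && demo_key_ed25519(&k) == NULL) ? 0 : 1;
}
```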