On 03/09/2015 04:38, Salz, Rich wrote:
>
> We are considering a big cleanup to the memory-allocation API's in the
> next release.
>
> Please take a look at the attached documentation, which describes
> **ALL** of the public functions, and let us know if it will cause a
> problem.
>

A few practical notes:

1. I trust that functions to allocate specific data types (such as
   bignums) are not changed by this.

2. Macros that take zero arguments (such as "OPENSSL_malloc_init()")
   are not accepted by all compilers. In my own API designs this has
   forced me to give such macros a dummy argument (which is never
   used, it just pleases the preprocessor).

3. When compiling without compile-time debug flags, the various debug
   arguments should not be passed (or otherwise referenced) by the
   macros, avoiding a bunch of "foo.c" and line number values from
   filling up the compiled binary. Something like

    #ifdef SOME_DEBUG_DEFINE
    #define OPENSSL_malloc(num) (CRYPTO_malloc(num, __FILE__, __LINE__))
    ...
    #else
    #define OPENSSL_malloc(num) (CRYPTO_malloc(num, NULL, 0))
    // OR
    #define OPENSSL_malloc(num) (CRYPTO_malloc_nodbg(num))
    ...
    #endif

4. For the basic functions (not the callbacks), there seems to be no
   reason not to change to size_t now.

5. Given the huge number of backward incompatibilities in OpenSSL
   1.1.x, this seems a good time to change to size_t in the callbacks
   too.

6. Maybe there should be an alternate get/set_mem_functions with
   non-linenumber callbacks (behind the scenes, either would set the
   other callbacks to stubs that add/remove the extra args, the
   initial defaults would be direct for speed and to support the
   "defer to default implementation" scenarios).

7. Maybe the get/set_mem_functions (in their debug variant) should
   also be able to change the backend for debug_push/_pop.

8. For readability, defines with omitted (opaque) definitions should
   be documented with elided args such as

    #define OPENSSL_malloc(num) ...

   and

    #define CRYPTO_MEM_CHECK_ON 0x...

   to indicate that they do not (typically) expand to
   nothing/typically do expand to a numeric constant.

9. Typo: "pointers for with the current functions"

10. It would be helpful to clarify which older functions are getting
    removed. It's a bit like reading a patch without the removed
    lines. Kind of impossible to tell what you propose to remove.

Enjoy
(NOT A CONTRIBUTION)

Jakob
-- 
Jakob Bohm, CIO, Partner, WiseMo A/S.  http://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
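
The two-flavour setter idea from item 6, with size_t as in items 4 and 5, sketched as an added example. It is not part of the original message and not OpenSSL code; every demo_* name and both sample callbacks are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* All demo_* names are hypothetical, not OpenSSL API. */
typedef void *(*plain_malloc_fn)(size_t num);
typedef void *(*dbg_malloc_fn)(size_t num, const char *file, int line);

static void *default_plain(size_t num) { return malloc(num); }
static void *default_dbg(size_t num, const char *file, int line)
{ (void)file; (void)line; return malloc(num); }

static plain_malloc_fn user_plain;  /* callback given to demo_set_plain() */
static dbg_malloc_fn user_dbg;      /* callback given to demo_set_dbg() */

/* Stubs: adapt a call made in one style to a callback of the other. */
static void *stub_drop_args(size_t num, const char *file, int line)
{ (void)file; (void)line; return user_plain(num); }
static void *stub_add_args(size_t num) { return user_dbg(num, NULL, 0); }

/* Initial defaults are direct, with no stub in the call path. */
static plain_malloc_fn cur_plain = default_plain;
static dbg_malloc_fn cur_dbg = default_dbg;

/* Setting either flavour points the other one at the matching stub. */
void demo_set_plain(plain_malloc_fn m)
{ user_plain = m; cur_plain = m; cur_dbg = stub_drop_args; }
void demo_set_dbg(dbg_malloc_fn m)
{ user_dbg = m; cur_dbg = m; cur_plain = stub_add_args; }
/* Lets a replacement fetch the current function and defer to it. */
plain_malloc_fn demo_get_plain(void) { return cur_plain; }

void *demo_malloc(size_t num) { return cur_plain(num); }
void *demo_malloc_dbg(size_t num, const char *file, int line)
{ return cur_dbg(num, file, line); }

/* Sample callbacks (constructed) that record how they were called. */
static int plain_calls, last_line = -1;
static void *counting_plain(size_t num) { plain_calls++; return malloc(num); }
static void *recording_dbg(size_t num, const char *file, int line)
{ (void)file; last_line = line; return malloc(num); }

int main(void)
{
    demo_set_plain(counting_plain);
    free(demo_malloc_dbg(16, "caller.c", 42)); /* stub drops file/line */
    demo_set_dbg(recording_dbg);
    free(demo_malloc(16));                     /* stub adds NULL, 0 */
    printf("plain_calls=%d last_line=%d\n", plain_calls, last_line);
    return 0;
}
```

Only the malloc side is shown; a real pair of setters would switch malloc, realloc and free together, so that memory is never freed by a different backend than the one that allocated it.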