Patch attached add many const specifier on ciphers. Constification can
improve performance cause it add some informations to compiler and also
can save you in case of corruption of memory transforming some potential
buffer overflows to DoS.
Some questions about code:
- why are selftests always compiled in ? IMHO is better to make tests
before installing and remove them from final installed code
- gcry_cipher_spec contains a lot of not constant fields. Is this
expected or just for back compatibility? Is expected that for instance
someone can change aliases or oids ?
- module deallocation (like ciphers_registered) is not handled. This can
be a problem in environment where libgcrypt is loaded and unloaded
dynamically leading to memory leaks
Regards,
Frediano Ziglio
improve performance cause it add some informations to compiler and also
can save you in case of corruption of memory transforming some potential
buffer overflows to DoS.
Some questions about code:
- why are selftests always compiled in ? IMHO is better to make tests
before installing and remove them from final installed code
- gcry_cipher_spec contains a lot of not constant fields. Is this
expected or just for back compatibility? Is expected that for instance
someone can change aliases or oids ?
- module deallocation (like ciphers_registered) is not handled. This can
be a problem in environment where libgcrypt is loaded and unloaded
dynamically leading to memory leaks
Regards,
Frediano Ziglio
Attached Files:
-
libgcrypt.diff.gz (10.1 KB)