Mark Andrews marka at isc.org
Sat Apr 12 06:22:20 UTC 2014

Don't think for one second that using malloc directly would have
saved OpenSSL here.  By default malloc does not zero freed memory
it returns.  It is a feature that needs to be enabled.  If OpenSSL
wanted to zero memory it was returning could have done that itself.

The only difference is that *some* malloc implementations examine
the envionment and change their behaviour based on that.

That OpenSSL used its own memory allocator was a problem does not
stand up to rigourous analysis.

Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the NANOG mailing list