[Swan-dev] wicked waste of CPU
D. Hugh Redelmeier
hugh at mimosa.com
Fri Mar 21 06:34:34 EET 2014
| From: Paul Wouters <paul at nohats.ca>
| These were added after a FIPS review. I am not saying you are wrong. But
| I am not ready to remove them yet either. There could be a bug that for
| instance would send some uninitialised space from one endpoint to
| another. I know normally this cannot happen. But these calls are extra
| security measures against such a bug.
It should not take much work to make reply_buffer file-static in
packet.c. Would that make my assertion more convincing?
The only code that should write to it is marshalling code, and that is
supposed to be manifestly well-behaved.
Still, uninitialized stuff might be copied in by the marshalling code
and then sent out on the wire. But this is unrelated to zeroing
reply_buffer.
| We could make the 64k smaller. I don't think things ever get even
| remotely near to that maximum.
What number could you justify?
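
An added example, not part of the original message and not libreswan code, illustrating the distinction drawn above: zeroing the output buffer does not stop a marshaller from copying stale bytes into it, while a marshaller that writes every byte it sends is unaffected by a dirty buffer. Only the name reply_buffer comes from the thread; ID_LEN, the 0xAA marker, fill_id, marshal_whole and marshal_exact are hypothetical, and the "stale" memory is constructed with memset so the result is deterministic.

```c
#include <stdio.h>
#include <string.h>
#define STALE 0xAA                 /* constructed marker for leftover memory */
#define ID_LEN 16                  /* hypothetical fixed-width wire field */
static unsigned char reply_buffer[64];

/* Count marker bytes among the first len bytes that would go on the wire. */
static size_t stale_bytes(size_t len)
{
    size_t n = 0;
    for (size_t i = 0; i < len; i++)
        n += (reply_buffer[i] == STALE);
    return n;
}

/* Fill a field that still holds old contents; returns bytes actually set. */
static size_t fill_id(unsigned char *field, const char *id)
{
    size_t used = strlen(id) < ID_LEN ? strlen(id) : ID_LEN;
    memset(field, STALE, ID_LEN);  /* simulate never-cleared storage */
    memcpy(field, id, used);       /* only the used prefix is written */
    return used;
}

/* Zero the output buffer, then copy the whole field: stale tail is sent. */
static size_t marshal_whole(const char *id)
{
    unsigned char field[ID_LEN];
    fill_id(field, id);
    memset(reply_buffer, 0, sizeof(reply_buffer));
    memcpy(reply_buffer, field, ID_LEN);
    return stale_bytes(ID_LEN);
}

/* Dirty output buffer, but every byte sent is written explicitly. */
static size_t marshal_exact(const char *id)
{
    unsigned char field[ID_LEN];
    size_t used = fill_id(field, id);
    memset(reply_buffer, STALE, sizeof(reply_buffer)); /* old packet data */
    memcpy(reply_buffer, field, used);
    memset(reply_buffer + used, 0, ID_LEN - used);     /* explicit padding */
    return stale_bytes(ID_LEN);
}

int main(void)
{
    printf("whole: %zu stale, exact: %zu stale\n", marshal_whole("east"), marshal_exact("east"));
    return 0;
}
```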