看板 FB_stable 關於我們 聯絡資訊
Hi, till it's fixed in base (which I hope is very soon) (or you replace openssl in base with the fixed version from ports or patch manually): Would it probably help (with the performance impact in mind) to set malloc option junk:true to lower the risk of leakting information? manpage says: "opt.junk" (bool) r- [--enable-fill] Junk filling enabled/disabled. If enabled, each byte of uninitialized allocated memory will be initialized to 0xa5. All deallocated memory will be initialized to 0x5a. This is intended for debugging and will impact performance negatively. This option is disabled by default unless --enable-debug is specified during configuration, in which case it is enabled by default unless running inside Valgrind[2]. as oppsosed to: "opt.zero" (bool) r- [--enable-fill] Zero filling enabled/disabled. If enabled, each byte of uninitialized allocated memory will be initialized to 0. Note that this initialization only happens once for each byte, so realloc and rallocm calls do not zero memory that was previously allocated. This is intended for debugging and will impact performance negatively. This option is disabled by default. Anyone with better insights could comment on that? - Oliver -- | Oliver Brandmueller http://sysadm.in/ ob@sysadm.in | | Ich bin das Internet. Sowahr ich Gott helfe. | _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"