[OTR-dev] Memory allocations

Timo Sirainen tss at iki.fi
Sat Aug 24 15:11:48 EDT 2013


I was looking into how libotr and libgcrypt handle failing memory
allocations. I see that libotr generally tries to handle it by returning
an error from the function, but there are many libgcrypt calls that can
fail with "out of memory" that currently aren't checked, for example
gcry_mpi_print() and gcry_mpi_scan(). I'm not sure if they can cause any
bad problems, but silent failures aren't very good either.

I guess one solution would be to add more out of memory error checks,
but since it's so difficult to remember to check for them everywhere,
I'd rather be safe and just die immediately. libgcrypt also has several
memory allocations internally that die if they can't get the memory, so
you can't prevent dying entirely anyway.

Attached a patch to always die early from memory allocation failures in
libgcrypt. I was also considering changing all malloc()/free()s in
libotr to gcry_malloc()/gcry_free() so this would catch them too, but
that's too much work for now.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: libotr-mem.diff
Type: text/x-patch
Size: 1524 bytes
Desc: not available
URL: <http://lists.cypherpunks.ca/pipermail/otr-dev/attachments/20130824/830f0e28/attachment.bin>
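
The trade-off discussed in the message above, as an added example (not the scrubbed patch and not libotr or libgcrypt code): a caller that ignores an out-of-memory return keeps using stale buffer contents, while a die-early allocator turns the same failure into an immediate abort. `export_value()` is a hypothetical stand-in for a call of the gcry_mpi_print() kind, and `test_malloc()`, `xmalloc()` and the fault injector are constructed for the demonstration.

```c
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed fault injector: the Nth allocation from now fails (0 = never). */
static int fail_countdown = 0;
static void *test_malloc(size_t n) {
    return (fail_countdown > 0 && --fail_countdown == 0) ? NULL : malloc(n);
}
/* Die-early allocator: never returns NULL, so no caller can forget a check. */
static void *xmalloc(size_t n) {
    void *p = test_malloc(n);
    if (!p) { fputs("out of memory\n", stderr); abort(); }
    return p;
}
/* Hypothetical stand-in for a library call that needs scratch memory and
 * reports failure only through its return value (0 = ok, -1 = no memory). */
static int export_value(unsigned char out[4], unsigned v, void *(*alloc)(size_t)) {
    unsigned char *tmp = alloc(4);
    if (!tmp) return -1;                 /* out is left untouched */
    for (int i = 0; i < 4; i++) tmp[i] = (unsigned char)(v >> (24 - 8 * i));
    memcpy(out, tmp, 4); free(tmp);
    return 0;
}
/* Run the export with the next allocation forced to fail. */
static int export_under_oom(unsigned char out[4], void *(*alloc)(size_t)) {
    fail_countdown = 1;
    return export_value(out, 0x01020304u, alloc);
}
/* Unchecked caller: the return value is dropped, so the old bytes survive. */
static int unchecked_sends_stale(void) {
    unsigned char buf[4] = {0xAA, 0xAA, 0xAA, 0xAA};   /* previous contents */
    export_under_oom(buf, test_malloc);
    return buf[0] == 0xAA;               /* 1: failure went unnoticed */
}
/* Die-early path, run in a child process so the abort can be observed. */
static int die_early_aborts(void) {
    pid_t pid = fork();
    if (pid == 0) { unsigned char b[4]; export_under_oom(b, xmalloc); _exit(0); }
    int status = 0;
    if (pid < 0 || waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) && WTERMSIG(status) == SIGABRT;
}
int main(void) {
    int stale = unchecked_sends_stale(), aborts = die_early_aborts();
    printf("stale=%d aborts=%d\n", stale, aborts);
    return 0;
}
```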

