Comment Re:Share and Share Alike (Score 1) 132
In another comment, I posted a link to the talk that the LibreSSL people gave on what they're doing. It's not really true that what they come up with won't run on other platforms. They're just removing a ton of "#if defined(OPENVMS) && (! defined(WIN32))" in favor of assuming a POSIX-compliant libc. Even WinX now has that.
They're taking the "shim" approach. For example, they have two BSD-only functions: explicit_bzero [will _not_ be optimized away by the compiler--just calls bzero] and arrayalloc [does what calloc does but does _not_ zero the memory].
The BSD calloc/arrayalloc do a precheck for overflow of nmemb * size.
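These are easy [trivial] to implement for non-BSD systems:
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Call memset through a volatile pointer so the compiler cannot drop the store. */
static void *(*const volatile memset_fn)(void *, int, size_t) = memset;

void
explicit_bzero(void *ptr, size_t len)
{
    memset_fn(ptr, 0, len);
}

void *
arrayalloc(size_t nmemb, size_t size)
{
    size_t totsize;
    void *ptr;

    /* nmemb * size would overflow size_t */
    if (size != 0 && nmemb > SIZE_MAX / size) {
        errno = ENOMEM;
        return NULL;
    }
    totsize = nmemb * size;
    ptr = malloc(totsize);
    return ptr;
}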
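What the nmemb * size precheck mentioned in the comment above prevents, as an added example (not code from the comment or from LibreSSL). The names `wrapped_size`, `mul_overflows`, `checked_array_alloc` and `struct record` are hypothetical, and the element count is a constructed value standing in for a length field read from untrusted input.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed 64-byte record type for the demonstration. */
struct record {
    uint32_t id;
    uint8_t  payload[60];
};

/* What an unchecked nmemb * size hands to malloc: the product reduced
 * modulo SIZE_MAX + 1, because unsigned arithmetic wraps silently. */
size_t wrapped_size(size_t nmemb, size_t size)
{
    return nmemb * size;
}

/* The precheck: does nmemb * size exceed what size_t can hold? */
int mul_overflows(size_t nmemb, size_t size)
{
    return size != 0 && nmemb > SIZE_MAX / size;
}

/* Hypothetical stand-in for arrayalloc: refuse instead of under-allocating. */
void *checked_array_alloc(size_t nmemb, size_t size)
{
    if (mul_overflows(nmemb, size)) {
        errno = ENOMEM;
        return NULL;
    }
    return malloc(nmemb * size);
}

int main(void)
{
    /* Constructed element count, standing in for an untrusted length field. */
    size_t count = SIZE_MAX / sizeof(struct record) + 2;
    void *table;

    printf("caller expects room for %zu records\n", count);
    printf("unchecked malloc would get %zu bytes\n",
           wrapped_size(count, sizeof(struct record)));

    table = checked_array_alloc(count, sizeof(struct record));
    printf("checked allocation: %s\n", table ? "succeeded" : "refused");
    free(table);
    return 0;
}
```

Without the check, the allocation would succeed with room for a single record while every later loop bound still uses the full count, which is the mismatch the precheck turns into a clean allocation failure.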