|
From: Julian S. <js...@ac...> - 2008-05-14 07:55:11
|
> 2. Uninitialized memory does not help for randomness but it also does not > hurt. If you say it does not help for randomness, why then use it? > 3. OpenSSL offers a compilation macro (PURIFY) to disable usage of > uninitialized memory. This should pacify valgrind for all people that have > to debug their applications. True, but it has the bad effect that you need to recompile OpenSSL in order to use Memcheck on any applications which use it. This is extra hassle for programmers and packagers. At least with the new --track-origins=yes facility in V 3.4.0 it will be easy to find out which uninitialised value errors are as a result of OpenSSL using uninitialised memory. J |