ssl: reduce allocate space for ssl backend when FTP is not supported. #8471
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bagder
reviewed
Feb 18, 2022
| conn->proxy_ssl[SECONDARYSOCKET].backend = calloc(1, sslsize); | ||
| allocate_result &= conn->proxy_ssl[SECONDARYSOCKET].backend != NULL; | ||
| #endif | ||
| #endif |
There was a problem hiding this comment.
I'm not a total fan of how this turns one malloc into four for a regular build. How about instead making the function similar to this? (untested)
static struct connectdata *allocate_conn(struct Curl_easy *data)
{
struct connectdata *conn = calloc(1, sizeof(struct connectdata));
if(!conn)
return NULL;
#ifdef USE_SSL
/* The SSL backend-specific data (ssl_backend_data) objects are allocated as
a separate array to ensure suitable alignment.
Note that these backend pointers can be swapped by vtls (eg ssl backend
data becomes proxy backend data). */
{
size_t onesize = Curl_ssl->sizeof_ssl_backend_data;
size_t totalsize = onesize;
void *ptr;
bool allocate_result = true;
#ifndef CURL_DISABLE_FTP
totalsize *= 2;
#endif
#ifndef CURL_DISABLE_PROXY
totalsize *= 2;
#endif
conn->ssl[FIRSTSOCKET].backend = ptr = calloc(1, totalsize);
if(!ptr)
return NULL;
#ifndef CURL_DISABLE_FTP
conn->ssl[SECONDARYSOCKET].backend = ptr += onesize;
#endif
#ifndef CURL_DISABLE_PROXY
conn->proxy_ssl[FIRSTSOCKET].backend = ptr += onesize;
#ifndef CURL_DISABLE_FTP
conn->proxy_ssl[SECONDARYSOCKET].backend = ptr += onesize;
#endif
#endif
}
#endifThere was a problem hiding this comment.
I have modified the memory allocation as you wrote.
lib/vtls/bearssl.c
Outdated
| @@ -339,6 +339,8 @@ static CURLcode bearssl_connect_step1(struct Curl_easy *data, | |||
| struct in_addr addr; | |||
| #endif | |||
|
|
|||
| DEBUGASSERT(backend != NULL); | |||
There was a problem hiding this comment.
I think you should remove != NULL from these checks, as we normally check pointers for being non-NULL like that everywhere else.
lib/vtls/openssl.c
Outdated
| @@ -1862,6 +1867,8 @@ static CURLcode verifystatus(struct Curl_easy *data, | |||
| ASN1_GENERALIZEDTIME *rev, *thisupd, *nextupd; | |||
| int ret; | |||
|
|
|||
| DEBUGASSERT(backend != NULL); | |||
There was a problem hiding this comment.
This is the first of 4 compiler warnings because you add the assert before the last variable declaration:
vtls/openssl.c:1872:3: error: ISO C90 forbids mixed declarations and code [-Werror=declaration-after-statement]
MAntoniak
force-pushed
the
ssl_allocate
branch
3 times, most recently
from
c8427f7
to
0aec3e4
Compare
MAntoniak
force-pushed
the
ssl_allocate
branch
from
0aec3e4
to
73a4cc2
Compare
bagder
approved these changes
Feb 21, 2022
|
Thanks! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Additionally, adding a backend check for NULL everywhere