Hacker News new | ask | show | jobs
by lifthrasiir 2933 days ago
> No malloc().

...by having your own arena allocator! I do agree that it is quite doable in this particular case, but I always remember that a custom memory allocator of OpenSSL made Heartbleed much more devastating.
1 comments
spc476 2932 days ago
... of memory passed in by the user! So it's up to the caller to make sure memory contains unclassified information.
link