From: Pauli Date: Sat, 22 Feb 2020 00:35:26 +0000 (+1000) Subject: sec_mem: add note about the minimum size parameter. X-Git-Tag: openssl-3.0.0-alpha1~382 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=50e0402c220ab7abd375802ea4264ff3ee9fc339;p=oweals%2Fopenssl.git sec_mem: add note about the minimum size parameter. Add a note indicating that the minimum size parameter to CRYPTO_secure_malloc_init() should be small. Reviewed-by: Viktor Dukhovni (Merged from https://github.com/openssl/openssl/pull/11149) --- diff --git a/doc/man3/OPENSSL_secure_malloc.pod b/doc/man3/OPENSSL_secure_malloc.pod index e47dfd673a..67a34eb809 100644 --- a/doc/man3/OPENSSL_secure_malloc.pod +++ b/doc/man3/OPENSSL_secure_malloc.pod @@ -53,8 +53,10 @@ put all intermediate values and computations there. CRYPTO_secure_malloc_init() creates the secure heap, with the specified C in bytes. The C parameter is the minimum size to -allocate from the heap. Both C and C must be a power -of two. +allocate from the heap or zero to use a reasonable default value. +Both C and, if specified, C must be a power of two and +C should generally be small, for example 16 or 32. +C must be less than a quarter of C in any case. CRYPTO_secure_malloc_initialized() indicates whether or not the secure heap as been initialized and is available.