…andom instead of /dev/urandom
Also disabling the termination of the secure memory pool, once terminated the memory pool cannot be revived for the life of the process.
… len() which will only read to a NULL byte
… is over
Lest we have allocated a segment in non-nullbyted (yes, nullbyted) memory, and have garbage trailing off the end of the string.
…avily by ecc_encrypt()) The gist of what's happening, is that dezerialize_mpi() gives us an (N) MPI which an affine_point struct's x,y are then assertained with. This N MPI was not being properly released after P.x and P.y were calculated, resulting in libseccure exhausting libgcrypt's secure memory pool. Valgrind results (valgrind --tool=memcheck --leak-check=full --show-reachable=yes ./test_integration -p /integration/keygen_encryptsalot): Before: LEAK SUMMARY: definitely lost: 7,208 bytes in 360 blocks. indirectly lost: 17,363 bytes in 179 blocks. possibly lost: 992 bytes in 2 blocks. still reachable: 16,042 bytes in 85 blocks. suppressed: 0 bytes in 0 blocks. After: LEAK SUMMARY: definitely lost: 3,232 bytes in 201 blocks. indirectly lost: 19,628 bytes in 208 blocks. possibly lost: 992 bytes in 2 blocks. still reachable: 15,447 bytes in 67 blocks. suppressed: 0 bytes in 0 blocks.