Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 18 Sep 2012 09:56:58 -0400
From: Rich Felker <dalias@...ifal.cx>
To: musl@...ts.openwall.com
Subject: Re: musl 0.9.5 release and new website

On Mon, Sep 17, 2012 at 09:35:32AM +0200, Szabolcs Nagy wrote:
> * Rich Felker <dalias@...ifal.cx> [2012-09-16 23:02:41 -0400]:
> > On Sun, Sep 16, 2012 at 11:42:08PM +0200, Szabolcs Nagy wrote:
> > > is the 30K key limit reasonable?
> > 
> > I don't know; can you explain the motivation?
> > 
> 
> allowing 1G long key is clearly wrong because of dos

If time only grows linearly with key length and 30k is no problem, I
suspect the runtime for a 1G key is annoying but not the biggest
problem. You already have a DoS error if your server let an
unauthenticated client allocate 1G of memory.. :-)

If it grows superlinearly, then yes, a limit is needed at whatever
point the growth becomes problematic, or just at some sane limit (like
what you did, 30k) that prevents getting to the problematic range.

Either way, I agree it can't hurt to place some reasonable limits in
place; I was just wondering if you have some comments on the growth
rate.

> > It would be nice if these could be done without tables. As-is, I'm not
> > really sure the the de-unrolled code is all that much cleaner than the
> > original, but at least it's slightly smaller...
> > 
> 
> if they are calculated inline then the code is even more slow
> but not really smaller (the two tables are 128 bytes)
> and not really cleaner:

Indeed, I was not thinking of generating tables, just wondering if
there's a simple arithmetic expression for them in terms of i...
However I don't see any obvious answer for most of them.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.