为什么 OPENSSL_cleanse 看起来如此复杂且线程不安全? [英] Why does OPENSSL_cleanse look so complex and thread-unsafe?

问题描述

这是 OpenSSL 1.0.1i 中 OPENSSL_cleanse 的实现

This is the implementation of OPENSSL_cleanse in OpenSSL 1.0.1i

unsigned char cleanse_ctr = 0;

void OPENSSL_cleanse(void *ptr, size_t len)
{
    unsigned char *p = ptr;
    size_t loop = len, ctr = cleanse_ctr;
    while(loop--)
    {
        *(p++) = (unsigned char)ctr;
        ctr += (17 + ((size_t)p & 0xF));
    }
    p=memchr(ptr, (unsigned char)ctr, len);
    if(p)
        ctr += (63 + (size_t)p);
    cleanse_ctr = (unsigned char)ctr;
}

它看起来复杂且线程不安全(通过读取和写入全局变量 cleanse_ctr).有人可以解释一下这个实现吗?用户是否需要担心其中可能存在的数据竞争?

It looks complex and thread-unsafe (by reading and writing global variable cleanse_ctr). Can somebody please explain a bit about this implementation? Does a user need to concern about the possible data race in it?

推荐答案

代码中存在数据竞争，但这并不重要，因为变量的目的只是提供不同的垃圾数据来填充一块内存.换句话说，任何给定线程从该变量读取什么值都无关紧要.用户不需要关心它.事实上，数据竞争甚至可能使功能更有效.

There is a data race in the code, but it doesn't matter because the point of the variable is just to provide varying garbage data with which to fill a piece of memory. In other words, it doesn't ever really matter what value any given thread reads from that variable. Users do not need to be concerned about it. In fact, the data race may even make the function more effective.

这篇关于为什么 OPENSSL_cleanse 看起来如此复杂且线程不安全?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！