For all my projects I user a custom wrapper to the systems memory allocator, because the system ones got its limit. For example you cannot easily tell free() to clean the memory before releasing it. This is of major importance in tools like OpenSSL, and if you want to make sure that everybody uses the deallocate() function wich does cleaning the memory before freeing, then building your own one is not that a bad of an idea.
Well, I choose the wrapper path, which besides said clean before release, adds fencing and integrity validation before release, and pointer zeroing after release, and takes the release of realloc() after fail to a really secure level, and on top of that a handy feature of counting the total memory allocations/deallocation in the course of the execution. And all my code in debug mode exits with the message „no memory leaked“. Or if there is a failure, then the amount of memory that was leaked is reported, and this becomes fixed then of course.
If you are working alone on small projects, then you can add all this security related features by employing sort of your own coding standards around malloc(), realloc() and free(), but I would not trust even myself to allways add the right steps in the right sequence, to achieve what is needed. Let alone a group of open source enthusiast adding their own design patterns to your projects.
So, yes the systems memory allocation routines are lacking important security features, and you either built a wrapper around it like I did, or you just build your own. Note, I am targeting FreeBSD and macOS only, so the wrapper path seemed to be more feasible for me. If you need to target a bunch of other OS’s as well, then perhaps it is really better to built your own memory allocator. Valgrind, phhh...
... I have no trouble believing they removed 90k lines of code. ...
I have no difficulties to believe this either. I don’t believe the Milkmaid's bill, alike 90k less code adds 90 times better security. I will stay with OpenSSL, that’s it.
Conclusions:
- Who wants to use LibreSSL, please go ahead, I won’t have any objections against this, I even won’t argue.
- I won’t even complain, if FreeBSD would switch to LibreSSL in the base, if they want to, please do it.
- In order to install OpenSSL, I won’t need a port. For example, on macOS I simply run the respective Configure/make combo which comes with the OpenSSL sources.
- I don’t have any problems with LibreSSL now and for sure I won’t have any in the future either.