Hi, On Thu, Feb 18, 2010 at 12:54:08PM +0100, David Sommerseth wrote: > The average user might have hits between 1 and 5 IP addresses > (guestimate) on such a hostname lookups. There are a few things I am > concerned about in this regards. Even though on my platform in_addr_t > only needs 4 bytes, other platforms might use more. If that platform is
in_addr_t is an IPv4 address, so I would be very surprised to see it require more than 4 bytes on any reasonable system. [..] > Remember that the memory which is allocated "static" in functions like > you have done, are in the reality allocated dynamically when the > function is called. The advantage is this approach, is that it is > easier for developers to write the code. The developer don't need to > care about explicit malloc() or calloc() calls, neither to free the > memory afterwards. The compiler does this job for you. (Global > variables on the other hand, are different in this regards, but that's > another chapter.) Just to nitpick on that: those variables are not malloc()'ed, they are put on the stack. Different area of the memory management -- but still valuable on embedded systems, of course. Since the openvpn server process is not multithreaded, there is no risk of it happening "10 times in parallel", though. So we lose 400 bytes of stack space while getaddr() is called. [..] > 1) Make use of dynamic memory allocation > You return number of IPs retrieved, so you know how much data to free > later on. You might also want to have a configuration parameter which > can limit the amount IPs allowed to be processed. This also gives users > with restricted memory usage better control. I see this specific case as "somewhat borderline" - adding dynamic memory handling will save 400 bytes of stack space (good) but will bring in extra code for sizing, allocating, and free()ing the memory, which might well end up being in the same order of bytes of code space - and that's memory "lost forever". And the risk of programmer error is higher... > 2) Reduce MAX_IPS_PER_HOSTNAME and make this a default value. Then make > this number changeable via a configuration option (in options.c). For > me a reasonable default number would be 5 or 10 in this situation. Getting configuration options propagated down all the way into a generic function like getaddr() is either painful (lots of callers that might themselves not have a pointer to the config struct around yet) or messy (global variables). Reading through this, my suggestion would be "go for a reasonable but lower value", something like "20". Still arbitrary, but brings down the (transient!) memory used to 80 bytes, which is hard to beat with any sort of dynamic allocation scheme. > * usage of get_random in getaddr() [socket.c:261] > > I admit I should have spotted this one on the first review. Because > this code snippet below looks really odd to me. > > if (nb > 1) > { > msg (D_RESOLVE_ERRORS, "RESOLVE: NOTE: %s resolves to %d > addresses, choosing one at random", > hostname, > nb); > return ips[get_random () % nb]; > } > > > Why on earth do you want to use get_random() in this situation? That's original OpenVPN code, just moved to a different place. While I am not saying that it should be that way, or should not be that way, it's not something brought in by the patch in question, so should not be covered by its review. gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de