[fpc-pascal] constructor "guarantee" and other behavioural stuff
Pierce Ng
pierce at samadhiweb.com
Tue Jan 19 14:31:01 CET 2016
Hi all,
I last used Pascal in school a long long time ago. Just discovered Free Pascal.
I have the following:
type
TNonceBytes = array[1..8] of byte;
TNonce = class
private
pn: TNonceBytes;
filled: boolean;
public
constructor create; overload;
end;
constructor TNonce.create;
begin
inherited;
randombytes(pn, 8);
filled := true;
end;
Is "filled" necessary, or does the compiler guarantee that my overloaded
constructor is called to fill "pn" with "real crypto" random bytes? I'd imagine
that, if randombytes() isn't called, the content of pn might be whatever that
happens to be in the memory that was allocated. By eyeballing, I won't be able
to tell, but cryptographically it'll be catastrophic if pn contains
random-looking but possibly predictable data.
On a related note, if I keep "filled" as an instance variable but leave the
line "filled := true" out from the constructor, what is filled's value
after the constructor is done?
Finally, remembering my programming languages course from my CS undergrad days,
in the following, are TNonce and TNonceBytes allocated on the stack or from the
heap, and should I care, given that, in this case, I am writing a
security-sensitive program?
procedure encrypt(ptext: TByteArray, var ctext: TByteArray);
var
n: TNonce;
begin
n := TNonce.create;
... whatever ...
end;
Thanks. Cheers.
Pierce
More information about the fpc-pascal
mailing list