+ // TODO: see about using regular malloc here, there were unknown problems
+ // using anything other than OPENSSL_malloc that need investigation.
+ char* buffer = (char*) OPENSSL_malloc(length);
Johanna, do you know any more details of what was wrong w/ regular malloc() here? I think it makes sense to get away from using OpenSSL’s malloc wrapper if it’s possible.
If I change it, running the test suites on OS X don’t show a problem. Is triggering the problem more subtle than the test suites will pick up on?