[EXT] Re: OpenSSL 3.2.0: dane_tlsa_add(): tlsa_free() problem?
Blumenthal, Uri - 0553 - MITLL
uri at ll.mit.edu
Sun Nov 26 19:09:45 UTC 2023
>> Fix freshly introduced double-free.
>>
>>
>> - tlsa_free(t);
>
> BTW: maybe a more "defensive" programming style should be used:
> reset the pointer after it has been freed:
>
> tlsa_free(t); t = NULL;
I fully support this idea, and am surprised that the OpenSSL maintainers have been resisting similar suggestions for quite some time.
> Or something like:
>
> #define XYZ_FREE(ptr) do { \
> if ((ptr) != NULL) { \
> xyz_free(ptr); \
> (ptr) = NULL; \
> } \
> } while (0)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5249 bytes
Desc: not available
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20231126/132c2802/attachment.p7s>
More information about the openssl-users
mailing list