[openssl-dev] [openssl.org #3710] New EX_DATA indices should start at 1
Short, Todd via RT
rt at openssl.org
Tue Feb 17 21:50:35 UTC 2015
As written now, CRYPTO_get_ex_new_index() will return 0 as an index the first time it is called. When called, CRYPTO_get_ex_new_index() adds a new, dup and free function for the index.
This conflicts with the common use of “app_data” (e.g. SSL_set_app_data(), BIO_set_app_data()) which uses index 0, and does not explicitly reserve it. This can lead to invalid memory frees and/or leaked memory.
Having the indices returned by CRYPTO_get_ex_new_index() start at 1 avoids this.
--
-Todd Short
// tshort at akamai.com<mailto:tshort at akamai.com>
// “One if by land, two if by sea, three if by the Internet."
More information about the openssl-dev
mailing list