[openssl-dev] [openssl.org #4514] [BUG] PKCS12_key_gen_uni() crashes when used with Blake
Michel via RT
rt at openssl.org
Tue Apr 19 13:57:15 UTC 2016
Hi Rich,
> OpenSSL doesn't promise to protect against all such errors :)
Really ? I'm a bit surprise that you don't care to allow to divide by zero...
Especially when it's not a big work to prevent such a case.
It's up to you.
> block size of zero is nonsensical
Zero is the block size returned for Blake digests.
And nothing prevents them to be used with PKCS12_key_gen_uni(), and certainly *NOT* the documentation !
;-)
Anyway, it's not a problem for me.
-----Message d'origine-----
De : Rich Salz via RT [mailto:rt at openssl.org]
Envoyé : mardi 19 avril 2016 14:45
À : michel.sales at free.fr
Cc : openssl-dev at openssl.org
Objet : [openssl.org #4514] [BUG] PKCS12_key_gen_uni() crashes when used with Blake
Ah, a slippery slope. We do not check for NULL pointers, and similarly a block size of zero is nonsensical. I am closing this as it's really a caller error.
It has more than enough of its own to worry about.
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4514
Please log in as guest with password guest if prompted
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4514
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list