[openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems
Tomas Mraz
tmraz at redhat.com
Mon Apr 25 14:04:18 UTC 2016
On Po, 2016-04-25 at 13:39 +0000, Richard Levitte via RT wrote:
> In message <rt-4.0.19-29510-1461590378-1354.4518-6-0 at openssl.org> on
> Mon, 25 Apr 2016 13:19:38 +0000, "Salz, Rich via RT" <rt at openssl.org>
> said:
>
> rt> No, he means setting the same value twice. For example, making
> this change:
> rt> If (r=->n != n) BN_free(r->n);
> rt> If(r->e != e) BN_free(r->e);
> rt> If (r->d != d) BN_free(r->d);
> rt>
> rt> I agree it shouldn't happen, but do we want to protect against
> that? I could be convinced either way.
>
> Ah ok... sorry, I misread the intention.
>
> Agreed that we could make sure not to free the pointers in that case.
In that case this should be properly documented so the users of the API
can depend on it.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
(You'll never know whether the road is wrong though.)
More information about the openssl-dev
mailing list