[openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_, RSA_set0_, DSA_set0_* and DSA_get0_* problems

Mon Apr 25 14:04:27 UTC 2016

On Po, 2016-04-25 at 13:39 +0000, Richard Levitte via RT wrote:
> In message <rt-4.0.19-29510-1461590378-1354.4518-6-0 at openssl.org> on
> Mon, 25 Apr 2016 13:19:38 +0000, "Salz, Rich via RT" <rt at openssl.org>
> said:
> 
> rt> No, he means setting the same value twice.  For example, making
> this change:
> rt>     If (r=->n != n) BN_free(r->n);
> rt>     If(r->e != e) BN_free(r->e);
> rt>     If (r->d != d) BN_free(r->d);
> rt> 
> rt> I agree it shouldn't happen, but do we want to protect against
> that?  I could be convinced either way.
> 
> Ah ok...  sorry, I misread the intention.
> 
> Agreed that we could make sure not to free the pointers in that case.

In that case this should be properly documented so the users of the API
can depend on it.

-- 
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb
(You'll never know whether the road is wrong though.)

-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4518
Please log in as guest with password guest if prompted

[openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems

[openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_, RSA_set0_, DSA_set0_* and DSA_get0_* problems