[openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems
Richard Levitte via RT
rt at openssl.org
Tue Apr 26 06:01:59 UTC 2016
Unfortunately, the solution in that PR is flawed. Back to the drawing board.
Vid Mon, 25 apr 2016 kl. 18.39.24, skrev levitte:
> So, listening to what everyone had to say, perhaps this PR is better
> then:
>
> https://github.com/openssl/openssl/pull/995
>
> In message <a35573177bdb41388fb1d6c2670fefd6 at usma1ex-
> dag1mb1.msg.corp.akamai.com> on Mon, 25 Apr 2016 17:45:05 +0000,
> "Salz, Rich" <rsalz at akamai.com> said:
>
> rsalz>
> rsalz> > The 3-slot function is I think cleaner.
> rsalz> >
> rsalz> > I'll leave the decision of whether and when to support NULL
> rsalz> > parameters to
> rsalz> > the folks working on that code, but it is pretty clear that
> rsalz> > one must not pass an
> rsalz> > object one does not "own", such as one returned from a "get0"
> rsalz> > function, to a
> rsalz> > function that expects to take ownership of the indicated
> rsalz> > object.
> rsalz>
> rsalz> Agree with both of those.
> rsalz>
> rsalz> After a "set0" call, set your pointer to NULL, it's no longer
> rsalz> yours :)
> rsalz> --
> rsalz> openssl-dev mailing list
> rsalz> To unsubscribe:
> rsalz> https://mta.openssl.org/mailman/listinfo/openssl-dev
> rsalz>
--
Richard Levitte
levitte at openssl.org
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4518
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list