[openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Tue Apr 26 18:12:39 UTC 2016


On 4/26/16, 14:03 , "openssl-dev on behalf of Salz, Rich via RT"
<openssl-dev-bounces at openssl.org on behalf of rt at openssl.org> wrote:

>That code is still wrong.  Once you "get0" something you can only look at
>it.  You cannot pass it off to a "set0" function.  Get0 gives you a
>pointer that *you do not own* and *set0* takes a pointer that you DO own
>and are giving away.

On the other hand, it seems all too easy (IMHO) for a programmer to think
“I got it from OpenSSL, and I’m passing it back…”

>You can't give away something that isn't yours :)

Funny, most of the governments I know of do this quite successfully and at
quite a large scale. For a long time too. :)


>The error is thinking that "my_e" is yours; it's not.  As documented.

Look. If Doug noticed this, programmers less intimate with this API are
much more likely to get stung by it. The protection against such a
misunderstanding is cheap. There is no justification for refusing to put
this defense in. Insulate the wires instead of saying “I told him not to
touch those wires”.
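
The ownership rule discussed in this message, as an added example that is not part of the original post and is not OpenSSL code: a self-contained C model of the get0/set0 contract, showing what happens when a get0 result is handed to set0, with and without a guard. The toy_* names are hypothetical, and the pointer-equality check is an assumption about one form the "cheap protection" could take.

```c
#include <stdlib.h>

/* Toy stand-ins (hypothetical, not OpenSSL types). "Freeing" only clears a
 * flag, so the demo can inspect a dangling pointer without undefined
 * behaviour; the memory itself is deliberately never released. */
typedef struct { unsigned long v; int live; } toy_bn;
typedef struct { toy_bn *e; } toy_key;

static toy_bn *toy_bn_new(unsigned long v) {
    toy_bn *b = malloc(sizeof *b);
    if (!b) abort();
    b->v = v; b->live = 1;
    return b;
}
static toy_bn *toy_bn_dup(const toy_bn *b) { return toy_bn_new(b->v); }
static void toy_bn_free(toy_bn *b) { if (b) b->live = 0; }

/* get0: the caller may look, but the key still owns the object. */
static const toy_bn *toy_get0_e(const toy_key *k) { return k->e; }

/* set0 without a guard: frees the old value, then takes the new one. */
static void toy_set0_e(toy_key *k, toy_bn *e) {
    toy_bn_free(k->e);
    k->e = e;
}
/* set0 with the guard: being handed the pointer already held is a no-op. */
static void toy_set0_e_guarded(toy_key *k, toy_bn *e) {
    if (e == k->e) return;
    toy_bn_free(k->e);
    k->e = e;
}

/* Each scenario returns 1 if the key ends up holding a live object. */
static int misuse_unguarded(void) {
    toy_key k = { toy_bn_new(65537) };
    toy_set0_e(&k, (toy_bn *)toy_get0_e(&k));   /* get0 result given to set0 */
    return k.e->live;                           /* key now holds a freed object */
}
static int misuse_guarded(void) {
    toy_key k = { toy_bn_new(65537) };
    toy_set0_e_guarded(&k, (toy_bn *)toy_get0_e(&k));
    return k.e->live;                           /* guard skipped the free */
}
static int correct_dup(void) {
    toy_key k = { toy_bn_new(65537) };
    toy_set0_e(&k, toy_bn_dup(toy_get0_e(&k))); /* caller owns the copy it gives away */
    return k.e->live && k.e->v == 65537;
}
int main(void) { return !(!misuse_unguarded() && misuse_guarded() && correct_dup()); }
```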