Check NULL pointers or not...
Matt Caswell
matt at openssl.org
Fri Nov 29 09:22:01 UTC 2019
On 29/11/2019 08:38, Dr Paul Dale wrote:
> I’d prefer option 1 or the middle ground. I’ve lost count of the
> number of times I’ve seen programs crashing in the crypto library
> which required mammoth debugging efforts to irrefutably demonstrate
> that the caller is at fault rather than the crypto library :(
>
> Option 1 would be preferable from this point of view but it can cause
> a performance hit — most of the time it wouldn’t matter but when it
> does it would be a big deal. The middle ground doesn’t entail any
> performance loss in production code (it does in debug but that
> shouldn’t be relevant).
I think you misunderstand the middle ground option:
if (!ossl_assert(ptr != NULL)) {
ERR_raise(ERR_LIB_WHATEVER, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
In debug code this will crash if ptr is NULL. In production code this
acts exactly like option 1 - so has exactly the same performance hit.
For the record my preference is the middle ground option as being the
norm for new code and where we make a significant refactor of old code.
If something truly is performance critical then we can choose not to do
it in those cases.
Matt
More information about the openssl-project
mailing list