Check NULL pointers or not...
Tim Hudson
tjh at cryptsoft.com
Fri Nov 29 09:23:48 UTC 2019
On Fri, Nov 29, 2019 at 7:08 PM Tomas Mraz <tmraz at redhat.com> wrote:
> The "always check for NULL pointers" approach does not avoid
> catastrophical errors in applications.
I didn't say it avoided all errors (nor did anyone else on the thread that
I've read) - but it does avoid a whole class of errors.
And for that particular context there are many things you can do to
mitigate it - and incorrect handling of EVP_CipherUpdate itself is very
common - where error returns are completely ignored.
We could reasonably define that it should wipe out the output buffer on any
error condition - that would make the function safer in a whole pile of
contexts.
However that is talking about a different issue IMHO.
Tim.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-project/attachments/20191129/0ca3958a/attachment.html>
More information about the openssl-project
mailing list