Check NULL pointers or not...

Dr Paul Dale paul.dale at
Fri Nov 29 09:40:14 UTC 2019

Oops, you are correct.  I was under the mistaken impression that ossl_assert compiled to nothing outside of debug mode.

Dr Paul Dale | Distinguished Architect | Cryptographic Foundations 
Phone +61 7 3031 7217
Oracle Australia

> On 29 Nov 2019, at 7:22 pm, Matt Caswell <matt at> wrote:
> On 29/11/2019 08:38, Dr Paul Dale wrote:
>> I’d prefer option 1 or the middle ground.  I’ve lost count of the
>> number of times I’ve seen programs crashing in the crypto library
>> which required mammoth debugging efforts to irrefutably demonstrate
>> that the caller is at fault rather than the crypto library :(
>> Option 1 would be preferable from this point of view but it can cause
>> a performance hit — most of the time it wouldn’t matter but when it
>> does it would be a big deal.  The middle ground doesn’t entail any
>> performance loss in production code (it does in debug but that
>> shouldn’t be relevant).
> I think you misunderstand the middle ground option:
>    if (!ossl_assert(ptr != NULL)) {
>        return 0;
>    }
> In debug code this will crash if ptr is NULL. In production code this
> acts exactly like option 1 - so has exactly the same performance hit.
> For the record my preference is the middle ground option as being the
> norm for new code and where we make a significant refactor of old code.
> If something truly is performance critical then we can choose not to do
> it in those cases.
> Matt

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the openssl-project mailing list