Check NULL pointers or not...
Salz, Rich
rsalz at akamai.com
Fri Nov 29 18:02:02 UTC 2019
* In a production environment, it is almost never appropriate to simply crash in an uncontrolled manner (i.e. dereferencing a NULL pointer).
Applications that want this can check parameters themselves before calling the function.
Saying “C arguments don’t hold” is only because it goes against your position :)
FILE *f = fopen(“/”, “w”);
fprintf(f, “hello world”);
Is a programming error. No two ways about it. The C runtime doesn’t protect against that programming error.
The OpenSSL contract says things like “foo points to a {some type of object}” Except for the free routines – which was new in 1.1 – it says nothing about NULL. (i2d/d2i also excepted)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-project/attachments/20191129/0cfe7da5/attachment.html>
More information about the openssl-project
mailing list