Should the return result of CRYPTO_UP_REF() / CRYPTO_DOWN_REF() be checked?
SHANE LONTIS
shane.lontis at oracle.com
Mon Feb 10 00:15:38 UTC 2020
With the new architecture changes there are quite a few new calls to
CRYPTO_UP_REF()
CRYPTO_DOWN_REF()
These methods return an int that is not being checked in lots of places.
This return value only seems to affect fallback code that calls CRYPTO_atomic_add (which can return 0 on lock or unlock failure).
So the question is: should we be checking this return value?
Note that not checking has resulted in a few assumptions in other code…
e.g. the following function returns void.
/crypto/evp/keymgmt_lib.c: 165 in evp_keymgmt_util_cache_pkey()
159 }
160
161 void evp_keymgmt_util_cache_pkey(EVP_PKEY *pk, size_t index,
162 EVP_KEYMGMT *keymgmt, void *keydata)
163 {
164 if (keydata != NULL) {
>>> CID 1458170: Error handling issues (CHECKED_RETURN)
>>> Calling "EVP_KEYMGMT_up_ref" without checking return value (as is done elsewhere 4 out of 5 times).
165 EVP_KEYMGMT_up_ref(keymgmt);
NOTE: EVP_KEYMGMT_up_ref() just does a CRYPTO_UP_REF() call and always returns 1.
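
Added example, not part of the original message and not OpenSSL code: a minimal model of a lock-based reference-count fallback that can fail, showing what a void caching function does with an ignored up-ref failure next to a variant that propagates it. All names (keymgmt_t, cache_slot_t, fallback_atomic_add, lock_fails and the cache functions) are hypothetical stand-ins.

```c
#include <stddef.h>

/* Hypothetical stand-ins for illustration, not OpenSSL types. */
typedef struct { int refs; } keymgmt_t;
typedef struct { keymgmt_t *keymgmt; void *keydata; } cache_slot_t;

/* Constructed failure switch: simulates the lock in the fallback path failing. */
static int lock_fails = 0;

/* Models a lock-based fallback: returns 0 and leaves the count untouched
 * when the lock cannot be taken. */
static int fallback_atomic_add(int *val, int amount, int *ret)
{
    if (lock_fails)
        return 0;
    *val += amount;
    *ret = *val;
    return 1;
}

static int keymgmt_up_ref(keymgmt_t *k)
{
    int ref;
    return fallback_atomic_add(&k->refs, 1, &ref);
}

/* Pattern flagged in the report: void return, up-ref result ignored. */
static void cache_unchecked(cache_slot_t *slot, keymgmt_t *k, void *keydata)
{
    if (keydata != NULL) {
        keymgmt_up_ref(k);      /* a failure here is silently dropped */
        slot->keymgmt = k;      /* pointer stored without a matching reference */
        slot->keydata = keydata;
    }
}

/* Checked variant: stores nothing unless the reference was actually taken. */
static int cache_checked(cache_slot_t *slot, keymgmt_t *k, void *keydata)
{
    if (keydata == NULL)
        return 1;
    if (!keymgmt_up_ref(k))
        return 0;
    slot->keymgmt = k;
    slot->keydata = keydata;
    return 1;
}
```

In the unchecked case the slot and the original owner both hold the pointer while the count still reads 1, so the first release frees an object the other holder still uses.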