Should the return result of CRYPTO_UP_REF() / CRYPTO_DOWN_REF() be checked?

Kurt Roeckx kurt at roeckx.be
Mon Feb 10 17:29:52 UTC 2020


On Mon, Feb 10, 2020 at 04:19:20PM +0000, Matt Caswell wrote:
> 
> 
> On 10/02/2020 00:15, SHANE LONTIS wrote:
> > With the new architecture changes there are quite a few new calls to
> > 
> > CRYPTO_UP_REF()
> > CRYPTO_DOWN_REF()
> > 
> > These methods return an int that is not being checked in lots of places.
> > 
> > This return value only seems to affect fallback code that calls CRYPTO_atomic_add (which can return 0 on lock or unlock failure)
> > 
> > SO the question is should we be checking this return value?
> 
> Yes, I think we should be.

I think that as long as we have that fallback code, that it should
be checked.


Kurt



More information about the openssl-project mailing list