Should the return result of CRYPTO_UP_REF() / CRYPTO_DOWN_REF() be checked?

Bernd Edlinger bernd.edlinger at hotmail.de
Mon Feb 10 19:18:34 UTC 2020


On 2/10/20 6:29 PM, Kurt Roeckx wrote:
> On Mon, Feb 10, 2020 at 04:19:20PM +0000, Matt Caswell wrote:
>>
>>
>> On 10/02/2020 00:15, SHANE LONTIS wrote:
>>> With the new architecture changes there are quite a few new calls to
>>>
>>> CRYPTO_UP_REF()
>>> CRYPTO_DOWN_REF()
>>>
>>> These methods return an int that is not being checked in lots of places.
>>>
>>> This return value only seems to affect fallback code that calls CRYPTO_atomic_add (which can return 0 on lock or unlock failure).
>>>
>>> So the question is should we be checking this return value?
>>
>> Yes, I think we should be.
> 
> I think that as long as we have that fallback code, it should
> be checked.
> 
> 

Yes, although I wonder why a function that checks
the return value of CRYPTO_THREAD_write_lock and
CRYPTO_THREAD_unlock does not check for
possible overflow of the addition, which is
far more likely to happen.


Bernd.
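
The two points raised in this thread (callers checking the up/down-ref result, and the lock-based fallback guarding the addition against overflow) can be seen together in the following added example, which is not OpenSSL code and not part of the original message. All `demo_*` names are hypothetical, and the lock is a constructed stand-in with a `fail_next` switch so the failure path can be exercised.

```c
#include <limits.h>
#include <stddef.h>

/* Hypothetical lock whose operations can fail (constructed stand-in). */
typedef struct { int held; int fail_next; } demo_lock;

static int demo_write_lock(demo_lock *l)
{
    if (l->fail_next || l->held) { l->fail_next = 0; return 0; }
    l->held = 1;
    return 1;
}

static int demo_unlock(demo_lock *l)
{
    if (!l->held) return 0;
    l->held = 0;
    return 1;
}

/* Lock-based fallback add: 1 on success, 0 on lock failure or overflow. */
int demo_atomic_add(int *val, int amount, int *ret, demo_lock *l)
{
    int ok = 0;
    if (!demo_write_lock(l)) return 0;
    /* Refuse to wrap; on overflow the counter is left unchanged. */
    if (!((amount > 0 && *val > INT_MAX - amount)
          || (amount < 0 && *val < INT_MIN - amount))) {
        *ret = (*val += amount);
        ok = 1;
    }
    return demo_unlock(l) && ok;
}

typedef struct { int references; demo_lock lock; } demo_obj;

/* Hand out a new reference only if the count was really incremented. */
demo_obj *demo_obj_up_ref(demo_obj *o)
{
    int i = 0;
    return demo_atomic_add(&o->references, 1, &i, &o->lock) ? o : NULL;
}

/* Remaining references, or -1 on failure: the caller must not free then. */
int demo_obj_down_ref(demo_obj *o)
{
    int i = 0;
    return demo_atomic_add(&o->references, -1, &i, &o->lock) ? i : -1;
}
```

If the result were ignored, a failed increment would hand out a pointer that the count does not cover, and a failed decrement would be indistinguishable from a count that legitimately reached zero.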

