[openssl-users] ECDSA_SIG_new and ECDSA_SIG_free details
Stephan Mühlstrasser
stm at pdflib.com
Wed Jan 11 15:32:10 UTC 2017
Am 03.01.17 um 21:26 schrieb Viktor Dukhovni:
>
>> On Jan 3, 2017, at 2:55 PM, Ken Goldman <kgoldman at us.ibm.com> wrote:
>>
>> 1 - Is this a bit of a bug?
>>
>> ECDSA_SIG_free() frees the r and s BIGNUMs before is frees the structure itself. However, ECDSA_SIG_new() doesn't set r and s to
>> NULL. It calls zalloc, which sets them to 0x00 bytes.
>>
>> OK, in most platforms, the NULL pointer is an all 0x00 bytes value, but it's not guaranteed by the C standard.
>>
>> E.g., http://c-faq.com/null/confusion4.html
>
> OpenSSL does not support platforms where the memory representation of the
> NULL pointer contains non-zero bytes. IIRC there are even tests for this.
Could someone from the OpenSSL team please explain the rationale for
this decision? What is the problem with using assignments with 0 or NULL
to initialize pointers?
--
Stephan
More information about the openssl-users
mailing list