Non-heap based structures

Tomas Mraz tomas at
Wed Jul 27 06:51:42 UTC 2022


there is no way to do that with OpenSSL 1.1.0 and newer. The thing is
that with recent versions of OpenSSL the later operations with the
EVP_MD_CTX can fail for other reasons than memory allocation failure
such as algorithm unavailability from a provider. So you would need to
check anyway.

If the only unchecked place is the context allocation, you can add the
NULL checks to all other places where you use the context.


On Tue, 2022-07-26 at 23:42 -0600, Philip Prindeville wrote:
> Hi,
> I suspect I already know the answer, but... is there a way to have a
> non-heap based structure like EVP_MD_CTX?
> If I don't want to have one be malloc'd (or OPENSSL_zalloc'd as the
> case may be), I can't have one be a stack variable or static, can I?
> I ask because I'm trying to replace some existing code that has no
> path to handle out-of-memory exceptions if EVP_MD_CTX_create() ever
> returns NULL...
> I guess the point of crypto/evp/evp_local.h is to completely hide
> details of the structure, including its size... so the answer to the
> original question is probably "no".  But I just wanted to make sure.
> Thanks,
> -Philip

Tomáš Mráz, OpenSSL

More information about the openssl-users mailing list