subject:"Re\: \[openssl\-dev\] Is X509

Re: [openssl-dev] Is X509_free(NULL) ok?

2018-01-01 Thread Salz, Rich via openssl-dev

Yes you can do so.  It is documented in most of the manpages, and in 1.1.0 and 
later it should be in all of them.

On 1/1/18, 11:19 AM, "Ray Satiro via openssl-dev"  
wrote:

I'm trying to figure out whether it's supported to call X509_free(NULL)
in 1.0.2 and beyond. It's not documented what action occurs when the
pointer is null. Also generally speaking is it supported to call openssl
free functions with null pointers?


-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev


-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Is X509_free(NULL) ok?

2017-12-22 Thread Salz, Rich via openssl-dev

➢So it's guaranteed for 1.1, mostly guaranteed for recent 1.0.2, but not
guaranteed for older 1.0.2.

yes.


➢ I also think it would be good to backport all to 1.0.2

Yes.  I believe I did that, but I am not absolutely 100% positive.

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Is X509_free(NULL) ok?

2017-12-22 Thread Ken Goldman


On 12/22/2017 9:59 AM, Salz, Rich via openssl-dev wrote:


I think we fixed all such cases in 1.1.0, all *_free()
functions should handle NULL. I don't think we backported to changes
to 1.0.2.

Yes, and we fixed the documentation.  I backported all/most of them
to 1.0.2 to make cherry-picking easier.  I don’t know if I changed
the docs.


So it's guaranteed for 1.1, mostly guaranteed for recent 1.0.2, but not
guaranteed for older 1.0.2.

If that's the case, I suspect it's just as easy to leave the

if (ptr != NULL)

in the code, as to code an ifdef for version < 1.1.

~~

I also think it would be good to backport all to 1.0.2.  If the 
documentation says it's OK in 1.1, and the coder uses the 1.1 API,

the end user may get crashes if they compile against 1.0.2.




--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Is X509_free(NULL) ok?

2017-12-22 Thread Salz, Rich via openssl-dev


➢ I think we fixed all such cases in 1.1.0, all *_free() functions
should handle NULL. I don't think we backported to changes to 1.0.2.

Yes, and we fixed the documentation.  I backported all/most of them to 1.0.2 to 
make cherry-picking easier.  I don’t know if I changed the docs.

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Is X509_free(NULL) ok?

2017-12-22 Thread Kurt Roeckx

On Fri, Dec 22, 2017 at 09:30:19AM -0500, Ken Goldman wrote:
> On 12/22/2017 9:24 AM, Salz, Rich via openssl-users wrote:
> > >   if (ptr!= NULL) free(ptr);
> > That shouldn’t be necessary for OpenSSL.  If you find places where it is, 
> > please open an issue.
> 
> OK.  I'll mention a few, but it's a global issue.
> 
> The code may handle NULL.  However, conservative users won't go by what the
> code happens to do today.  We have to go by the API documentation, which is
> the contract between the library and the user.  If the API is silent, we
> cautiously assume it's not guaranteed, and can change in the future.

So feel free to document it as being able to handle NULL.


Kurt

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Is X509_free(NULL) ok?

2017-12-22 Thread Kurt Roeckx

On Fri, Dec 22, 2017 at 01:06:20PM +, Salz, Rich via openssl-dev wrote:
> Our intent is that all FREE functions can handle NULL.  If you find things 
> missing or undocumented, please open an issue on GitHub.  Thanks!

I think we fixed all such cases in 1.1.0, all *_free() functions
should handle NULL. I don't think we backported to changes to 1.0.2.


Kurt

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Is X509_free(NULL) ok?

2017-12-22 Thread Ken Goldman


On 12/22/2017 9:24 AM, Salz, Rich via openssl-users wrote:

if (ptr!= NULL) free(ptr);
   
That shouldn’t be necessary for OpenSSL.  If you find places where it is, please open an issue.
   


OK.  I'll mention a few, but it's a global issue.

The code may handle NULL.  However, conservative users won't go by what 
the code happens to do today.  We have to go by the API documentation, 
which is the contract between the library and the user.  If the API is 
silent, we cautiously assume it's not guaranteed, and can change in the 
future.





--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Is X509_free(NULL) ok?

2017-12-22 Thread Salz, Rich via openssl-dev

Our intent is that all FREE functions can handle NULL.  If you find things 
missing or undocumented, please open an issue on GitHub.  Thanks!
 

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Is X509_free(NULL) ok?

2017-12-22 Thread Mischa Salle

Hi,

I think it should be documented, but currently the two supported
branches are ok with NULL:
- following from IMPLEMENT_ASN1_FUNCTIONS(X509), for both
openssl-1.0.2n and 1.1.0g:
- 1.0.2n ends up in asn1_item_combine_free()
- 1.1.0g ends up in asn1_item_embed_free()
- in both cases an explicit check is done for NULL.

See
https://github.com/openssl/openssl/blob/OpenSSL_1_1_0g/crypto/asn1/tasn_fre.c#L36
and
https://github.com/openssl/openssl/blob/OpenSSL_1_0_2n/crypto/asn1/tasn_fre.c#L86

Mischa

On Thu, Dec 21, 2017 at 12:58 AM, Viktor Dukhovni
 wrote:
>
>
>> On Dec 20, 2017, at 5:50 PM, Ray Satiro via openssl-dev 
>>  wrote:
>>
>> 'm trying to figure out whether it's supported to call X509_free(NULL)
>> in 1.0.2 and beyond. It's not documented what action occurs when the
>> pointer is null. Also generally speaking is it supported to call openssl
>> free functions with null pointers?
>
>
> All ASN.1 objects (such as X509 *) that are implemented via
> IMPLEMENT_ASN1_FUNCTIONS(typename) are freed by ASN1_item_free(),
> which I believe handles NULL inputs.
>
> If you don't see immediate crashes on trying it, you can use it
> on NULL inputs with confidence that this is intentional and not
> going to change.
>
> --
> --
> Viktor.
>
> --
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Is X509_free(NULL) ok?

2017-12-20 Thread Viktor Dukhovni

> On Dec 20, 2017, at 5:50 PM, Ray Satiro via openssl-dev 
>  wrote:
> 
> 'm trying to figure out whether it's supported to call X509_free(NULL)
> in 1.0.2 and beyond. It's not documented what action occurs when the
> pointer is null. Also generally speaking is it supported to call openssl
> free functions with null pointers?

All ASN.1 objects (such as X509 *) that are implemented via
IMPLEMENT_ASN1_FUNCTIONS(typename) are freed by ASN1_item_free(),
which I believe handles NULL inputs.

If you don't see immediate crashes on trying it, you can use it
on NULL inputs with confidence that this is intentional and not
going to change.

-- 
-- 
Viktor.

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Is X509_free(NULL) ok?

Re: [openssl-dev] Is X509_free(NULL) ok?

Re: [openssl-dev] Is X509_free(NULL) ok?

Re: [openssl-dev] Is X509_free(NULL) ok?

Re: [openssl-dev] Is X509_free(NULL) ok?

Re: [openssl-dev] Is X509_free(NULL) ok?

Re: [openssl-dev] Is X509_free(NULL) ok?

Re: [openssl-dev] Is X509_free(NULL) ok?

Re: [openssl-dev] Is X509_free(NULL) ok?

Re: [openssl-dev] Is X509_free(NULL) ok?

10 matches

Site Navigation

Mail list logo

Footer information