On 2012-06-04 8:10 PM, Dave Thompson wrote:
From: owner-openssl-us...@openssl.org On Behalf Of Jakob Bohm
Having no current access to the C89 standard or its
drafts, I am relying on the experience that many C89
real world systems I have encountered did not tolerate
free(NULL). In contrast all
On 6/5/2012 6:19 AM, Zack Weinberg wrote:
On 2012-06-04 8:10 PM, Dave Thompson wrote:
From: owner-openssl-us...@openssl.org On Behalf Of Jakob Bohm
Having no current access to the C89 standard or its
drafts, I am relying on the experience that many C89
real world systems I have encountered did
On Tue, Jun 5, 2012 at 4:35 AM, Jakob Bohm jb-open...@wisemo.com wrote:
On 6/5/2012 6:19 AM, Zack Weinberg wrote:
According to http://gcc.gnu.org/ml/gcc-patches/2011-03/msg00376.html the
last widely-used platform that crashed on free(NULL) was SunOS 4, which
stopped being a reasonable
From: owner-openssl-us...@openssl.org On Behalf Of Jakob Bohm
Sent: Tuesday, 29 May, 2012 03:34
On 5/27/2012 2:29 AM, Jeremy Farrell wrote:
snip: ANSI C and POSIX make free(NULL) no-op
Note that when considering portability, C99 is not yet
fully implemented everywhere, so when I say ANSI C
On 5/29/2012 8:56 PM, Jeremy Farrell wrote:
From: Jakob Bohm [mailto:jb-open...@wisemo.com]
Sent: Tuesday, May 29, 2012 8:34 AM
On 5/27/2012 2:29 AM, Jeremy Farrell wrote:
From: Jakob Bohm [mailto:jb-open...@wisemo.com]
On 5/25/2012 5:30 PM, Ken Goldman wrote:
On 5/25/2012 3:33 AM, Jakob Bohm
On 5/27/2012 2:29 AM, Jeremy Farrell wrote:
From: Jakob Bohm [mailto:jb-open...@wisemo.com]
On 5/25/2012 5:30 PM, Ken Goldman wrote:
On 5/25/2012 3:33 AM, Jakob Bohm wrote:
ANSI C and POSIX free() is NOT required to handle free(NULL)
as a NOP.
I checked reputable sources (Plauger, Harbison
From: Jakob Bohm jb-open...@wisemo.com
Which version of the ANSI Spec, and where did you get a copy?
I have to rely on secondary sources and experience using various
implementations that claim conformance.
I generally refer to Plauger's The Standard C Library, where he quotes
the spec
From: Jakob Bohm [mailto:jb-open...@wisemo.com]
Sent: Tuesday, May 29, 2012 8:34 AM
On 5/27/2012 2:29 AM, Jeremy Farrell wrote:
From: Jakob Bohm [mailto:jb-open...@wisemo.com]
On 5/25/2012 5:30 PM, Ken Goldman wrote:
On 5/25/2012 3:33 AM, Jakob Bohm wrote:
ANSI C and POSIX free() is
(somewhat offtopic)
From: owner-openssl-us...@openssl.org On Behalf Of Jeremy Farrell
Sent: Saturday, 26 May, 2012 20:29
From: Jakob Bohm [mailto:jb-open...@wisemo.com]
Which version of the ANSI Spec, and where did you get a copy?
I quoted from C99 in a recent message; can't remember
Hi all,
Which version of the ANSI Spec, and where did you get a copy?
I have to rely on secondary sources and experience using
various implementations that claim conformance.
Wikipedia http://en.wikipedia.org/wiki/ANSI_C is used to have
a link to a recent draft (free of charge) which is
On 5/25/2012 5:30 PM, Ken Goldman wrote:
On 5/25/2012 3:33 AM, Jakob Bohm wrote:
ANSI C and POSIX free() is NOT required to handle free(NULL)
as a NOP.
I checked reputable sources (Plauger, Harbison and Steele, the ANSI
spec, and the IEEE POSIX spec).
All agree that (e.g. ANSI)
If ptr is
In message cah8yc8mpmuxmnjdhxf0-fsiu0fjsgwxcpjggipup06w8w83...@mail.gmail.com
on Fri, 25 May 2012 11:39:05 -0400, Jeffrey Walton noloa...@gmail.com said:
noloader Perhaps I'm looking at the wrong free function (or I'm not
noloader reading/deducing correct behavior), but it looks like a double
On 05/26/2012 12:28 PM, Jakob Bohm wrote:
On 5/25/2012 5:30 PM, Ken Goldman wrote:
On 5/25/2012 3:33 AM, Jakob Bohm wrote:
ANSI C and POSIX free() is NOT required to handle free(NULL)
as a NOP.
I checked reputable sources (Plauger, Harbison and Steele, the ANSI
spec, and the IEEE POSIX
From: Jakob Bohm [mailto:jb-open...@wisemo.com]
On 5/25/2012 5:30 PM, Ken Goldman wrote:
On 5/25/2012 3:33 AM, Jakob Bohm wrote:
ANSI C and POSIX free() is NOT required to handle free(NULL)
as a NOP.
I checked reputable sources (Plauger, Harbison and Steele, the ANSI
spec, and the
On 5/25/2012 12:30 AM, Richard Levitte wrote:
In messagecagxgq09umap5b1bhsyjj54srwrg-syzqnodk5rh_gnt29xa...@mail.gmail.com on
Thu, 24 May 2012 17:46:49 +0530, Sudarshan Raghavansudarshan.t.ragha...@gmail.com
said:
sudarshan.t.raghavan Hi,
sudarshan.t.raghavan
sudarshan.t.raghavan I am
Ok, I can fix the custom free to take care of this. But, why is this
happening in openssl 1.0.1 and not in 1.0.0 or 0.9.8? Is there is a
document or resource in the web that explains what is expected from
the custom alloc, realloc and free routines?
Regards,
Sudarshan
On Fri, May 25, 2012 at
I enabled debug symbols in openssl and this is what I am seeing
#3 0x0828bd74 in CUSTOM_FREE (oldMem=0x0) at ssl_mem.c:34
#4 0xb758e160 in CRYPTO_free (str=0x0) at mem.c:397
#5 0xb773520c in SSL_SRP_CTX_free (s=0xb3e4f300) at tls_srp.c:102
#6 0xb77091c0 in ssl3_free (s=0xb3e4f300) at
I can see this code in s3_lib.c
if (ctx-srp_ctx.login != NULL)
OPENSSL_free(ctx-srp_ctx.login);
while tls_srp.c does not have the NULL check before calling free. I
added the NULL check in tls_srp.c and I am not seeing the crash
anymore. Is this the fix or
In message 4fbf35d0.3020...@wisemo.com on Fri, 25 May 2012 09:33:36 +0200,
Jakob Bohm jb-open...@wisemo.com said:
jb-openssl On 5/25/2012 12:30 AM, Richard Levitte wrote:
jb-openssl In
jb-openssl
messagecagxgq09umap5b1bhsyjj54srwrg-syzqnodk5rh_gnt29xa...@mail.gmail.com
jb-openssl on Thu, 24
On Fri, May 25, 2012 at 7:25 AM, Sudarshan Raghavan
sudarshan.t.ragha...@gmail.com wrote:
Ok, I can fix the custom free to take care of this. But, why is this
happening in openssl 1.0.1 and not in 1.0.0 or 0.9.8?
I think the question to ask is why your code or library routines are
not validating
Hi all!
* Jeffrey Walton Sent: Friday, May 25, 2012 4:39 PM
On Fri, May 25, 2012 at 7:25 AM, Sudarshan Raghavan
sudarshan.t.ragha...@gmail.com wrote:
Ok, I can fix the custom free to take care of this.
But, why is this happening in openssl 1.0.1 and not in 1.0.0
On 5/25/2012 11:03 AM, Steffen DETTMER wrote:
I think crashing with NULL is quite good: a must-not-happen situation
leads to a defined dead of SIGSEGVs, at least for platforms supporting
that, typically with good aid for debuggin (like core files or halting
debuggers providing a backtrace).
On 5/25/2012 3:33 AM, Jakob Bohm wrote:
ANSI C and POSIX free() is NOT required to handle free(NULL)
as a NOP.
I checked reputable sources (Plauger, Harbison and Steele, the ANSI
spec, and the IEEE POSIX spec).
All agree that (e.g. ANSI)
If ptr is a null pointer, no action occurs.
On Thu, May 24, 2012 at 8:16 AM, Sudarshan Raghavan
sudarshan.t.ragha...@gmail.com wrote:
Hi,
I am using CRYPTO_set_mem_functions to use our own custom memory
routines in a non blocking proxy implementation. This was working fine
in 0.9.8 and 1.0.0 but with 1.0.1c I can see that the custom
On 5/25/2012 11:25 AM, Ken Goldman wrote:
On 5/25/2012 11:03 AM, Steffen DETTMER wrote:
I think crashing with NULL is quite good: a must-not-happen situation
leads to a defined dead of SIGSEGVs, at least for platforms supporting
that, typically with good aid for debuggin (like core files or
I agree. Passing NULL to a free function is most likely due to a bug. Given
that would you rather assert and find out the reason or ignore. I would
assume the defensive option would be to assert and analyze the core. My 2
cents.
Regards,
Sudarshan
On 25-May-2012 8:39 PM, Steffen DETTMER
On Fri, May 25, 2012 at 11:25 AM, Ken Goldman kgold...@us.ibm.com wrote:
On 5/25/2012 11:03 AM, Steffen DETTMER wrote:
I think crashing with NULL is quite good: a must-not-happen situation
leads to a defined dead of SIGSEGVs, at least for platforms supporting
that, typically with good aid for
On 5/25/2012 12:09 PM, Jeffrey Walton wrote:
My typical design pattern is:
void *ptr = NULL;
do stuff which may in some branches allocate the pointer
free(ptr);
This is very old, and has not evolved as security needs have changed
(forgive me if I read too much into it). For example, the
On 5/25/2012 11:41 AM, Carter Browne wrote:
That's not the normal library behavior.
My typical design pattern is:
void *ptr = NULL;
do stuff which may in some branches allocate the pointer
free(ptr);
If the library crashes on free(NULL), you're just making people like me
do this everywhere:
Hi all!
If the library crashes on free(NULL), you're just making
people like me do this everywhere:
if (ptr != NULL) free (ptr);
ok, if you have a test case free (NULL), agreed ;-)
Seems not all platforms conform to the free(NULL) is a no-op.
I understand your example, thanks for that,
From: Jakob Bohm [mailto:jb-open...@wisemo.com]
On 5/25/2012 12:30 AM, Richard Levitte wrote:
sudarshan.t.raghavan I am assuming the default
sudarshan.t.raghavan free routine ignores a NULL argument
Your assumption is correct, OpenSSL expects the same semantics as
malloc(),
Hi,
I am using CRYPTO_set_mem_functions to use our own custom memory
routines in a non blocking proxy implementation. This was working fine
in 0.9.8 and 1.0.0 but with 1.0.1c I can see that the custom free
routine is being invoked with a NULL argument after calling SSL_free
and this results in
On Thu, May 24, 2012, Sudarshan Raghavan wrote:
Hi,
I am using CRYPTO_set_mem_functions to use our own custom memory
routines in a non blocking proxy implementation. This was working fine
in 0.9.8 and 1.0.0 but with 1.0.1c I can see that the custom free
routine is being invoked with a NULL
In message cagxgq09umap5b1bhsyjj54srwrg-syzqnodk5rh_gnt29xa...@mail.gmail.com
on Thu, 24 May 2012 17:46:49 +0530, Sudarshan Raghavan
sudarshan.t.ragha...@gmail.com said:
sudarshan.t.raghavan Hi,
sudarshan.t.raghavan
sudarshan.t.raghavan I am using CRYPTO_set_mem_functions to use our own custom
34 matches
Mail list logo