On Feb 16, 2017 17:33, "Jacob Champion" <champio...@gmail.com> wrote:
On 02/16/2017 03:16 PM, William A Rowe Jr wrote: > With no docs to that effect, and trying to predict what 1.2.0 might do > to us, the explicit avoidance seems safer, no? > There are docs to that effect for 1.1.0. https://www.openssl.org/docs/man1.1.0/crypto/EC_GROUP_free.html https://www.openssl.org/docs/man1.1.0/crypto/EC_KEY_free.html "If [group, key] is NULL nothing is done." Is there somewhere it is documented what openssl's NULL-safe policy is? > Closest I can find quickly is a recent discussion: https://github.com/openssl/openssl/issues/2271 >From Rich Salz: "All free functions, like C free will be a no-op for NULL. No other changes are planned at this time. Having said that, I am only one member of the team, and I may leave or get out-voted by others. What I can promise is that we are going to try to avoid semantic changes before 1.2, which is unlikely to happen this year." And from Kurt Roeckx: "Calling free() with NULL is expected and documented behaviour, we actually changed it in all functions to work. It seems very unlikely that we will change that." Excellent, I'll back out that change and the needless _internal() case tomorrow if nobody beats me to it. Thanks for the citations!
