Hi, am I somehow missing something obvious or are there numerous error handling checks missing in the SRP implementation?
For example in SRP_create_verifier() in crypto/srp/srp_vfy.c, I would argue that if the first two calls to BN_bin2bn() succeed, but the one for the salt fails, that would produce NULL pointer dereferences somewhere in the bignum calls. In the inverse case, instead, the salt would be leaking, I think? Figuring out what exactly the consequences of each of those unchecked error returns are is tedious, and often, some check deeper into the call tree does indeed catch resulting NULL pointers, but it seems to me like that is more of an accident than intentional design?! Florian ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
