On Wed, Aug 15, 2001 at 01:49:05PM +0100, Pawel Krupinski wrote:
> I have just encountered a problem, when I was passing NULL as the second
> argument to function PKCS7_verify, it was "Segmantation fault", it wasn't a
> problem to see why (function X509_STORE_CTX_init doesn't check arguments).
> The question is: What is OpenSSL policy for handling bad argument and what
> is responsible for passing/checking arguments: the code I have written or
> OpenSSL libraries?
Simple answer: your code is responsible.
In some parts of the OpenSSL library, NULL pointers are caught but in most
cases they are not. We could not catch dangling pointers anyway.
The situation is not different from other important libraries, like libc.
The programmer is responsible for calling functions according to the
API documented.
(Of course, if the NULL pointer has a special meaning, it is handled
accordingly.)
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
