We've had a policy for a while of not requiring NULL checks in
functions. However there is a difference between not adding them for new
functions and actively removing them for old ones.

See https://github.com/openssl/openssl/pull/6893

In this case the removal of a NULL check in the stack code had the
unintended consequence of a crash in a no-comp build. Is it wise to be
actively removing existing NULL checks like this? It does have an impact
on the behaviour of a function (even if that behaviour is undocumented
and not encouraged). The concern I have is for our API/ABI compatibility
guarantee. If we make changes like this then 1.1.1 may no longer be a
drop in replacement for 1.1.0 for some apps.

Matt

_______________________________________________
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project

Reply via email to