Claudio Jeker <[email protected]> wrote: > On Thu, Apr 16, 2020 at 09:45:45AM -0600, Theo de Raadt wrote: > > I don't understand the point of any of this cleanup. The process > > is dying and none of these things maintain external state. > > > > I'm going to call it what it is: stylistically stupid and rigid. > > > > Why? Because it would mean every call to errx() in the program is > > wrong because they don't attempt this, and only this one exit() call > > needs this kind of cleanup. That is simply not plausible. > > Indeed, also I noticed that ERR_remove_thread_state() was deprecated in > OpenSSL 1.1 and so I'm kind of back to square 1 again regarding the use of > deprecated functions. > > All this cleanup before exit(3) is done mostly to please runtime memory > leak checkers. > > Also EVP_cleanup() and ERR_free_strings() are deprecated according to > their man page. There is no documentation for CRYPTO_cleanup_all_ex_data() > but looking at the code it seems to be not important. > > Removing all of them seems to be the best move forward.
I'd like to add one more point for others following along in the public: Please don't ever use atexit() for this kind of stuff. On OpenBSD, atexit() has some self-protecting safety features, but those don't exist on other systems. As many, once a program does one atexit() call, if a bug is found to corrupt the atexit memory chain in libc, nasty stuff can be done. People should treat atexit like a loaded gun.
