On Tue, May 23, 2023 at 12:40:40PM -0400, Marc Aldorasi wrote: > The man page for CRYPTO_get_ex_new_index says that "the value 0 is > reserved for the legacy "app_data" APIs", but the function can still > return 0, which can cause issues for programs that use both APIs. The > attached patch causes the returned indices to start at 1 instead. > > See also the corresponding OpenSSL bug report: > https://marc.info/?l=openssl-dev&m=142421750627504&w=2
Thanks for the diff. This makes some sense, but I need to look closer to understand the full ramifications. Unfortunately, OpenSSL's rt is now lost to the Internet Dark Ages, so information is a bit lacking. What made you write this patch? Is there a real-world issue you ran into? If so, could you point me at it? Thanks. > diff --git a/src/lib/libcrypto/ex_data.c b/src/lib/libcrypto/ex_data.c > index b1e391366..d9c39b2c4 100644 > --- a/src/lib/libcrypto/ex_data.c > +++ b/src/lib/libcrypto/ex_data.c > @@ -320,7 +320,7 @@ def_get_class(int class_index) > gen = malloc(sizeof(EX_CLASS_ITEM)); > if (gen) { > gen->class_index = class_index; > - gen->meth_num = 0; > + gen->meth_num = 1; > gen->meth = sk_CRYPTO_EX_DATA_FUNCS_new_null(); > if (!gen->meth) > free(gen);