Let SSL_CIPHER_description() allocate the buffer for the description, - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2014-08-24 14:55:23 +0000
committer	jsing <>	2014-08-24 14:55:23 +0000
commit	62555a59e8e169497e389a9beaeb50964d9bda04 (patch)
tree	b5a2e1744f832ba8feeedc5b2f75d581bc678149 /src/usr.bin/openssl/errstr.c
parent	15b6cd2e31b46d6dc4ad006b9dea11a3ea306237 (diff)
download	openbsd-62555a59e8e169497e389a9beaeb50964d9bda04.tar.gz openbsd-62555a59e8e169497e389a9beaeb50964d9bda04.tar.bz2 openbsd-62555a59e8e169497e389a9beaeb50964d9bda04.zip

Let SSL_CIPHER_description() allocate the buffer for the description,

rather than passing in a fixed size buffer. This is yet another example of a horribly designed API - if the given buffer is NULL then SSL_CIPHER_description() allocates one for us (great!), which we then need to free (no problem). However, if this allocation fails it returns a pointer to a static string "OPENSSL_malloc Error" - obviously bad things happen if we call free() with this pointer. Unfortunately, there is no way of knowing that the function failed, other than comparing the returned string against the string literal - so do that before calling free()... Joint work with beck@ during g2k14.

Diffstat (limited to 'src/usr.bin/openssl/errstr.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: