From d3f5245d8ed558fa8a547c364ffb7d09b83d1a0a Mon Sep 17 00:00:00 2001 From: schwarze <> Date: Sun, 18 Dec 2022 22:27:10 +0000 Subject: document BIO_FLAGS_MEM_RDONLY --- src/lib/libcrypto/man/BIO_s_mem.3 | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) (limited to 'src/lib') diff --git a/src/lib/libcrypto/man/BIO_s_mem.3 b/src/lib/libcrypto/man/BIO_s_mem.3 index f2522a8065..437632134b 100644 --- a/src/lib/libcrypto/man/BIO_s_mem.3 +++ b/src/lib/libcrypto/man/BIO_s_mem.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: BIO_s_mem.3,v 1.15 2022/02/19 16:00:14 jsing Exp $ +.\" $OpenBSD: BIO_s_mem.3,v 1.16 2022/12/18 22:27:10 schwarze Exp $ .\" full merge up to: OpenSSL 8711efb4 Mon Apr 20 11:33:12 2009 +0000 .\" selective merge up to: OpenSSL 36359cec Mar 7 14:37:23 2018 +0100 .\" @@ -49,7 +49,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: February 19 2022 $ +.Dd $Mdocdate: December 18 2022 $ .Dt BIO_S_MEM 3 .Os .Sh NAME @@ -104,6 +104,10 @@ structure which is extended as appropriate to accommodate the stored data. Any data written to a memory BIO can be recalled by reading from it. Unless the memory BIO is read only, any data read from it is deleted from the BIO. +To find out whether a memory BIO is read only, +.Xr BIO_test_flags 3 +can be called with an argument of +.Dv BIO_FLAGS_MEM_RDONLY . .Pp Memory BIOs support .Xr BIO_gets 3 @@ -262,6 +266,17 @@ first appeared in SSLeay 0.9.1 and have been available since .Fn BIO_new_mem_buf first appeared in OpenSSL 0.9.5 and has been available since .Ox 2.7 . +.Sh CAVEATS +Do not manually switch a writable memory BIO to read-only mode: calling +.Xr BIO_set_flags 3 +with an argument of +.Dv BIO_FLAGS_MEM_RDONLY +will ultimately result in a memory leak when the BIO object is +finally handed to +.Xr BIO_free 3 . +It might also cause security issues because it prevents +.Xr BIO_reset 3 +from clearing the data. .Sh BUGS There should be an option to set the maximum size of a memory BIO. .Pp -- cgit v1.2.3-55-g6feb