On Sat, Oct 25, 2014 at 07:00, Martijn van Duren wrote:
> On 10/23/14 11:33, Stuart Henderson wrote:
>> On 2014-10-22, Martijn van Duren <martijn...@gmail.com> wrote:
>>> I'm currently trying to write a library that heavily relies on
>>> libcrypto. Because I don't want applications linking to it, to have to
>>> call OpenSSL_add_all_algorithms, for convenience, I added those calls to
>>> the appropriate places in my library. Because of this nature, the
>>> function is called multiple times, and even if I shielded it within my
>>> library it could still be called outside of it by an application using
>>> my library.
>>
>> fwiw, Asterisk ran into this, this was the result:
>>
>> http://reviewboard.asterisk.org/r/1006/
>>
> Sorry, forgot that misc@ removed attachments.
> This time inline:
> Index: ./objects/o_names.c
> ===================================================================
> RCS file: /cvs/src/lib/libssl/src/crypto/objects/o_names.c,v
> retrieving revision 1.18
> diff -u -p -r1.18 o_names.c
> --- ./objects/o_names.c       12 Jun 2014 15:49:30 -0000      1.18
> +++ ./objects/o_names.c       23 Oct 2014 21:30:33 -0000
> @@ -94,6 +94,8 @@ obj_name_cmp(const void *a_void, const v
> const OBJ_NAME *a = (const OBJ_NAME *)a_void;
> const OBJ_NAME *b = (const OBJ_NAME *)b_void;
> 
> +     if (a == NULL || b == NULL)
> +             return -1;
> ret = a->type - b->type;
> if (ret == 0) {
> if ((name_funcs_stack != NULL) &&

This can't be correct. That will sometimes sort NULL objects to the
front and sometimes to the back. It has to be one way or the other
(and that's assuming it's not an error to sort NULL objects in the
first place).

Reply via email to