As written now, CRYPTO_get_ex_new_index() will return 0 as an index the first time it is called. When called, CRYPTO_get_ex_new_index() adds a new, dup and free function for the index.
This conflicts with the common use of “app_data” (e.g. SSL_set_app_data(), BIO_set_app_data()) which uses index 0, and does not explicitly reserve it. This can lead to invalid memory frees and/or leaked memory. Having the indices returned by CRYPTO_get_ex_new_index() start at 1 avoids this. -- -Todd Short // tsh...@akamai.com<mailto:tsh...@akamai.com> // “One if by land, two if by sea, three if by the Internet." _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
