Hello,

As you know, using signed int instead of size_t for size handling is a common source of potential remote code execution…

OpenSSL has a lot of functions that take "int len" as a parameter. Of course, changing the API to use size_t would cause problems. So for the functions that can return errors, like BIO_read(), what about letting the application that made a mistake know it did wrong (because of a vulnerability)?

I mean checking in OpenSSL that the given integers aren't negative in the functions concerned (taking the BIO_read() example, if len were negative, -1 would be returned).

Existing applications normally already check the return value of such functions, so they have code to handle it.

Of course, I can make such a change (and in fact will finish doing it if you agree with this).

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
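
The check proposed in the message above, as an added example that is not part of the original post and is not OpenSSL code: a read function taking `int len` rejects negative values with -1 instead of letting them convert to a huge `size_t`. `struct mem_src`, `src_read()`, `payload_len()`, `wire_len_unchecked()` and the 4-byte header are hypothetical names and values chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define HEADER_LEN 4            /* constructed record header size */

/* Hypothetical in-memory source standing in for a BIO-like object. */
struct mem_src {
    const unsigned char *data;
    size_t avail;
};

/* Typical caller arithmetic: a declared record length taken from the
 * wire, minus the header. A declared length below HEADER_LEN goes
 * negative because the result is a signed int. */
int payload_len(uint16_t declared)
{
    return (int)declared - HEADER_LEN;
}

/* What an unchecked callee would hand to memcpy(): converting a
 * negative int to size_t wraps modulo SIZE_MAX + 1. */
size_t wire_len_unchecked(int len)
{
    return (size_t)len;
}

/* Guarded read: a negative len is reported as an error (-1), which a
 * caller that already checks the return value will handle. */
int src_read(struct mem_src *s, void *out, int len)
{
    size_t n;

    if (s == NULL || out == NULL || len < 0)
        return -1;              /* reject before any size_t conversion */
    n = (size_t)len;
    if (n > s->avail)
        n = s->avail;           /* short read, never past the source */
    memcpy(out, s->data, n);
    s->data += n;
    s->avail -= n;
    return (int)n;              /* n <= len, so it fits in an int */
}

int main(void)
{
    unsigned char out[8];
    struct mem_src s = { (const unsigned char *)"abcdef", 6 };

    /* Declared length 2 is shorter than the header: len == -2. */
    return src_read(&s, out, payload_len(2)) == -1 ? 0 : 1;
}
```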
