On 4/26/16, 15:15 , "openssl-dev on behalf of Viktor Dukhovni" <openssl-dev-boun...@openssl.org on behalf of openssl-us...@dukhovni.org> wrote:
>On Tue, Apr 26, 2016 at 12:55:28PM -0500, Douglas E Engert wrote: >> Adding the test "if (n != rsa->n)" before the BN_free in the >>RSA_set0_key >> would catch this. > >The correct test is to return an error in that case, not to skip >the free. The caller is doing the wrong thing, and we should not >silently ignore the mistake. I’m very certain that this test should be done. What’s the correct behavior if/when the caller is “caught” doing the wrong thing - I leave to you guys to decide, as your experience and understanding of these API is better than mine. >There may be other pointers that the caller does not own that he >might be tempted to pass into these functions, say get0 the data >from one RSA object and attempt to set0 the same parameters on >another. I hear you… :-( >The only systemic fix is much more complex. We'd need to manage >and set "library-owned" boolean fields in all the structures returned >by get0 functions and refuse to accept these in "set0" functions. > >Thus a new() constructor would produce a caller owned structure, >as would a get1() accessor, but a get0() access would return a >library owned structure, which would be unsuitable for a set0() >call that takes ownership. Right now get0() returns a library-owned structure. But there isn’t a get1() accessor (unless I’m too tired to search correctly :). >Implementing this pattern would be a major overhaul of the library. I hear you. >For now, yes we could detect just one class of mistake, but I >don't think we should "correct" the mistake, rather we should >report it as such to the caller. I think that detecting just one class of mistake makes one mistake class less to worry about. So it would be great to catch at least this one class for now.
smime.p7s
Description: S/MIME cryptographic signature
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
