On 04/25/14 02:37, Ted Unangst wrote:
> On Thu, Apr 24, 2014 at 22:17, Alexander Hall wrote:
>> On 04/23/14 23:01, Ted Unangst wrote:
>>> CVSROOT: /cvs
>>> Module name: src
>>> Changes by: [email protected] 2014/04/23 15:01:15
>>> Modified files:
>>> lib/libssl/src/ssl: kssl.c
>>> Log message:
>>> null pointers after free to prevent double frees and worse. also fix a
>>
>> Looking at the code, this looks like an effort in being proactive:
>>
>> free(*princ);
>> *princ = NULL;
>> ... nothing about 'princ'...
>> if ((*princ = calloc(1, length)) == NULL)
>>         return KSSL_CTX_ERR;
>>
>> However, would that not rather risk hiding potential use-after-frees by
>> not exposing a second free() later on?
>
> Now if you try to use it, you will get an immediate crash. I

Ah, indeed. I was too focused on the free() and my mind was still set on
that the pointer still addressed the already free'd memory. D'oh.

> think free then NULL is the best idiom to use anywhere it's not obvious
> what the pointer's lifetime will be. In some cases, this is
> unnecessary, but it's not burdensome in my opinion. I'm not going
> crazy and adding null after every free, just the ones that look
> suspicious.

Indeed. I withdraw my comments. :-)

/Alexander

> (This one looked a lot more suspicious than it really was because of
> the use of '\0' for null. It was in effect already doing what I
> changed it to, just in an obfuscated manner.)
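The free-then-NULL idiom discussed in this thread, as an added, self-contained example; this is not the kssl.c code from the commit, and the struct `princ_ctx`, the functions `princ_ctx_set` / `princ_ctx_clear`, the sample principal string and the `-1` return standing in for `KSSL_CTX_ERR` are all constructed for illustration. It shows why nulling after free turns a would-be double free into a defined no-op (`free(NULL)`) and why a failed `calloc()` no longer leaves a dangling pointer, and it reproduces the `'\0'`-as-null oddity Ted mentions: `'\0'` is an integer constant zero, so assigning it to a pointer is just an obfuscated `NULL`.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed context, loosely modelled on the princ handling discussed
 * in the thread; it is not OpenSSL's real kssl_ctx. */
struct princ_ctx {
    char *princ;
    size_t length;
};

/* Replace the stored principal. The old buffer is freed and the pointer
 * nulled BEFORE the allocation that may fail, so a failed calloc() never
 * leaves a dangling pointer behind for a later free() or dereference. */
int
princ_ctx_set(struct princ_ctx *ctx, const char *src, size_t length)
{
    free(ctx->princ);
    ctx->princ = NULL;
    ctx->length = 0;
    if (length == 0)
        return 0;
    if ((ctx->princ = calloc(1, length + 1)) == NULL)
        return -1;  /* stands in for KSSL_CTX_ERR in the real code */
    memcpy(ctx->princ, src, length);
    ctx->length = length;
    return 0;
}

/* free then NULL: a second call becomes free(NULL), which C defines as a
 * no-op, and any later dereference faults at once instead of silently
 * reading memory that has been handed back to the allocator. */
void
princ_ctx_clear(struct princ_ctx *ctx)
{
    free(ctx->princ);
    ctx->princ = NULL;
    ctx->length = 0;
}

/* Two clears in a row are harmless once the pointer is nulled.
 * Returns 1 on success. */
int
demo_double_clear_is_safe(void)
{
    struct princ_ctx ctx = { NULL, 0 };
    const char *p = "user@EXAMPLE.ORG";  /* constructed sample principal */

    if (princ_ctx_set(&ctx, p, strlen(p)) != 0)
        return 0;
    princ_ctx_clear(&ctx);
    princ_ctx_clear(&ctx);  /* a double free without the NULL assignment */
    return ctx.princ == NULL && ctx.length == 0;
}

/* Reassigning twice neither leaks nor double frees; returns the final
 * stored length (6 for "second"). */
size_t
demo_reassign(void)
{
    struct princ_ctx ctx = { NULL, 0 };
    size_t len;

    princ_ctx_set(&ctx, "first", 5);
    princ_ctx_set(&ctx, "second", 6);
    len = (ctx.princ != NULL && strcmp(ctx.princ, "second") == 0)
        ? ctx.length : 0;
    princ_ctx_clear(&ctx);
    return len;
}

/* The '\0' oddity from the commit note: '\0' is an integer constant with
 * value zero, i.e. a null pointer constant, so this is NULL in disguise. */
int
demo_char_zero_is_null(void)
{
    char *p = '\0';
    return p == NULL;
}

int
main(void)
{
    printf("double clear safe: %d\n", demo_double_clear_is_safe());
    printf("reassign length:   %zu\n", demo_reassign());
    printf("'\\0' is null:      %d\n", demo_char_zero_is_null());
    return 0;
}
```

The point of the ordering in `princ_ctx_set` is the one raised in the thread: the dangling pointer is gone before anything can go wrong, so a use after free becomes an immediate null dereference rather than a silent read of recycled memory, and a second `free()` on the same slot is defined behaviour.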