Various error-handling fixes #1424

Closed
wants to merge 2 commits into
from

Projects

None yet

3 participants

@davidben
Contributor

No description provided.

davidben added some commits Apr 17, 2017
@davidben davidben openssl: make SSL_ERROR_to_str more future-proof
Rather than making assumptions about the values, use a switch-case.
ddb3c00
@davidben davidben openssl: fix thread-safety bugs in error-handling
ERR_error_string with NULL parameter is not thread-safe. The library
writes the string into some static buffer. Two threads doing this at
once may clobber each other and run into problems. Switch to
ERR_error_string_n which avoids this problem and is explicitly
bounds-checked.

Also clean up some remnants of OpenSSL 0.9.5 around here. A number of
comments (fixed buffer size, explaining that ERR_error_string_n was
added in a particular version) date to when ossl_strerror tried to
support pre-ERR_error_string_n OpenSSLs.
5785989

@davidben, thanks for your PR! By analyzing the history of the files in this pull request, we identified @bagder, @captain-caveman2k and @petrpisaratlascz to be potential reviewers.

@bagder
bagder approved these changes Apr 17, 2017 View changes
@bagder bagder added the SSL/TLS label Apr 17, 2017
@bagder bagder added a commit that closed this pull request Apr 17, 2017
@davidben @bagder davidben + bagder openssl: make SSL_ERROR_to_str more future-proof
Rather than making assumptions about the values, use a switch-case.

Closes #1424
47b2f89
@bagder bagder closed this in 47b2f89 Apr 17, 2017
@bagder bagder added a commit that referenced this pull request Apr 17, 2017
@davidben @bagder davidben + bagder openssl: fix thread-safety bugs in error-handling
ERR_error_string with NULL parameter is not thread-safe. The library
writes the string into some static buffer. Two threads doing this at
once may clobber each other and run into problems. Switch to
ERR_error_string_n which avoids this problem and is explicitly
bounds-checked.

Also clean up some remnants of OpenSSL 0.9.5 around here. A number of
comments (fixed buffer size, explaining that ERR_error_string_n was
added in a particular version) date to when ossl_strerror tried to
support pre-ERR_error_string_n OpenSSLs.

Closes #1424
1c92b5b
Owner
bagder commented Apr 17, 2017

thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment