New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Various error-handling fixes #1424

Closed
wants to merge 2 commits into
base: master
from

Conversation

Projects
None yet
3 participants
@davidben
Contributor

davidben commented Apr 17, 2017

No description provided.

davidben added some commits Apr 17, 2017

openssl: make SSL_ERROR_to_str more future-proof
Rather than making assumptions about the values, use a switch-case.
openssl: fix thread-safety bugs in error-handling
ERR_error_string with NULL parameter is not thread-safe. The library
writes the string into some static buffer. Two threads doing this at
once may clobber each other and run into problems. Switch to
ERR_error_string_n which avoids this problem and is explicitly
bounds-checked.

Also clean up some remnants of OpenSSL 0.9.5 around here. A number of
comments (fixed buffer size, explaining that ERR_error_string_n was
added in a particular version) date to when ossl_strerror tried to
support pre-ERR_error_string_n OpenSSLs.
@mention-bot

This comment has been minimized.

Show comment
Hide comment
@mention-bot

mention-bot Apr 17, 2017

@davidben, thanks for your PR! By analyzing the history of the files in this pull request, we identified @bagder, @captain-caveman2k and @petrpisaratlascz to be potential reviewers.

mention-bot commented Apr 17, 2017

@davidben, thanks for your PR! By analyzing the history of the files in this pull request, we identified @bagder, @captain-caveman2k and @petrpisaratlascz to be potential reviewers.

@bagder

bagder approved these changes Apr 17, 2017

@bagder bagder added the SSL/TLS label Apr 17, 2017

@bagder bagder closed this in 47b2f89 Apr 17, 2017

bagder added a commit that referenced this pull request Apr 17, 2017

openssl: fix thread-safety bugs in error-handling
ERR_error_string with NULL parameter is not thread-safe. The library
writes the string into some static buffer. Two threads doing this at
once may clobber each other and run into problems. Switch to
ERR_error_string_n which avoids this problem and is explicitly
bounds-checked.

Also clean up some remnants of OpenSSL 0.9.5 around here. A number of
comments (fixed buffer size, explaining that ERR_error_string_n was
added in a particular version) date to when ossl_strerror tried to
support pre-ERR_error_string_n OpenSSLs.

Closes #1424
@bagder

This comment has been minimized.

Show comment
Hide comment
@bagder

bagder Apr 17, 2017

Member

thanks!

Member

bagder commented Apr 17, 2017

thanks!

@lock lock bot locked as resolved and limited conversation to collaborators May 21, 2018

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.