root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

OPENSSL_secure_malloc.pod: articulate possibly non-secure pointer being returned 

The semantics of OPENSSL_secure_[mz]alloc is somewhat unorthodox,
as it silently return a pointer to non-secure memory if the arena
is not initialised, which, while mentioned in the DESCRIPTION, is not
clear from reading the pertaining part of the RETURNING VALUE section alone;
explicitly state that the memory may be allocated by OPENSSL_calloc instead
if the secure heap is not initialised.

Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org>
This commit is contained in:
Eugene Syromiatnikov 2025-07-31 15:21:01 +02:00
parent 351ac146d5
commit 54ca0d0e22
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
doc/man3/OPENSSL_secure_malloc.pod
View File

@ -137,8 +137,9 @@ but CRYPTO_secure_malloc_done() has not been called or failed) or 0 if not.
OPENSSL_secure_malloc(), CRYPTO_secure_malloc(), OPENSSL_secure_zalloc(), OPENSSL_secure_malloc(), CRYPTO_secure_malloc(), OPENSSL_secure_zalloc(),
CRYPTO_secure_zalloc(), OPENSSL_secure_malloc_array(), CRYPTO_secure_zalloc(), OPENSSL_secure_malloc_array(),
CRYPTO_secure_malloc_array(), OPENSSL_secure_calloc(), and CRYPTO_secure_calloc() CRYPTO_secure_malloc_array(), OPENSSL_secure_calloc(), and CRYPTO_secure_calloc()
return a pointer into the secure heap of the requested size, return a pointer into the secure heap of the requested size, if it is
or C<NULL> if memory could not be allocated. initialised, a pointer returned by the underlying OPENSSL_malloc() call,
if it is not, or C<NULL> on error.
CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not. CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not.