On 10/23/14 11:33, Stuart Henderson wrote:
On 2014-10-22, Martijn van Duren <martijn...@gmail.com> wrote:
I'm currently trying to write a library that heavily relies on
libcrypto. Because I don't want applications linking to it, to have to
call OpenSSL_add_all_algorithms, for convenience, I added those calls to
the appropriate places in my library. Because of this nature, the
function is called multiple times, and even if I shielded it within my
library it could still be called outside of it by an application using
my library.
fwiw, Asterisk ran into this, this was the result:
http://reviewboard.asterisk.org/r/1006/
Sorry, forgot that misc@ removed attachments.
This time inline:
Index: ./objects/o_names.c
===================================================================
RCS file: /cvs/src/lib/libssl/src/crypto/objects/o_names.c,v
retrieving revision 1.18
diff -u -p -r1.18 o_names.c
--- ./objects/o_names.c 12 Jun 2014 15:49:30 -0000 1.18
+++ ./objects/o_names.c 23 Oct 2014 21:30:33 -0000
@@ -94,6 +94,8 @@ obj_name_cmp(const void *a_void, const v
const OBJ_NAME *a = (const OBJ_NAME *)a_void;
const OBJ_NAME *b = (const OBJ_NAME *)b_void;
+ if (a == NULL || b == NULL)
+ return -1;
ret = a->type - b->type;
if (ret == 0) {
if ((name_funcs_stack != NULL) &&
