[gnutls-devel] GnuTLS | gnutls_init: Always initialize *session (!1652)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Fri Oct 14 21:14:41 CEST 2022

Eric Blake commented:

I've updated the patches to do a full audit of all gnutls_*_init(gnutls_*_t *var,...) functions, and fixed a couple other things I noticed in the process.  Given the inconsistent mix (some never touched *var except on success, some always set *var on all exit paths, and some were timebombs for double-free if the client blindly assumes calling gnutls_*_deinit(var) was safe on failure), and the existence of code in the wild that assumes unconditional deinit is safe, it was easier to make ALL init functions consistently set a sane value on all exit paths than to try and document which ones are time-bombs.  However, we may still want more documentation changes (copying what I added for gnutls_init() into other *_init functions or into a more centralized overview portion of the manual).

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1652#note_1136528517
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20221014/5bd69704/attachment.html>

More information about the Gnutls-devel mailing list