[gnutls-devel] GnuTLS | bug in gnutls_init() (#1414)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Wed Oct 19 17:12:18 CEST 2022

Zoltán Fridrich commented:

I believe that if a function outputs its result via an argument, the argument should be left untouched in case of an error. Currently this is clearly not the case with `gnutls_init`, which sets session to `NULL` in some cases (but not all) when an error occurs. However, I think that handling an error as follows is generally an incorrect approach.

```
ret = gnutls_init(session, flags);
if (ret < 0)
    return ret;
```

The user should not expect to clean up a function's output if that function failed. If this results in a segfault, then it's the user's fault (unless the scenario was documented and the function is bugged).

I would suggest either that

- `gnutls_init` will not modify the output argument on error.
- `gnutls_init` will always set the output argument to some defined value on error (in this case `NULL`).

In either case, the documentation of `gnutls_init` should be updated to clearly state what happens with session when an error occurs.

I would prefer to not touch the argument on error but both solutions are ok imo.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1414#note_1141774040
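
The first option in the comment above (leave the output argument untouched on error), sketched as an added example that is not part of the original message and is not GnuTLS code. `struct ctx`, `ctx_init`, `ctx_deinit`, `use_ctx` and the flag mask are hypothetical names; the callee builds the object behind a local pointer and writes to the caller's pointer only after the last step that can fail.

```c
#include <errno.h>
#include <stdlib.h>

/* Hypothetical session type and API for illustration; not GnuTLS code. */
struct ctx {
    unsigned flags;
    unsigned char *buf;
};
#define CTX_FLAG_MASK 0x3u /* constructed: only two flag bits are valid */

void ctx_deinit(struct ctx *c)
{
    if (c == NULL) /* NULL-safe, like free() */
        return;
    free(c->buf);
    free(c);
}

/* Contract: on success *out holds a new object; on error *out is untouched. */
int ctx_init(struct ctx **out, unsigned flags)
{
    struct ctx *tmp;
    if (out == NULL || (flags & ~CTX_FLAG_MASK))
        return -EINVAL;
    tmp = calloc(1, sizeof(*tmp));
    if (tmp == NULL)
        return -ENOMEM;
    tmp->buf = malloc(64);
    if (tmp->buf == NULL) {
        ctx_deinit(tmp); /* callee frees its own partial state */
        return -ENOMEM;
    }
    tmp->flags = flags;
    *out = tmp; /* commit only after nothing else can fail */
    return 0;
}

/* Caller that stays correct under either contract from the comment. */
int use_ctx(unsigned flags)
{
    struct ctx *c = NULL; /* defined value before the call */
    int ret = ctx_init(&c, flags);
    if (ret < 0)
        return ret; /* nothing to clean up on failure */
    ctx_deinit(c);
    return 0;
}

int main(void) { return use_ctx(1) < 0; }
```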
