Results 298 comments of David Benjamin

Based on https://github.com/openssl/openssl/issues/23494#issuecomment-2036134844, I take it this was derived from the BoringSSL one? Keep in mind that `stat` appears in this list: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api?language=objc We have an empty one, but we'd...

I think a better fix would be to load the values via `memcpy`:

* You don't waste the fuzzer's time mutating ignored bytes in the padding
* Aligned or not,...

Depends on the use case. TLS doesn't because TLS uses signing keys for the long-lived credential, but there are plenty of protocols that are designed differently. HPKE, other ECIES schemes,...

I might suggest that OpenSSL consider just opening those cases internally in binary mode. The PEM parser already handles CRLF itself and this helps avoid platform differences in processing the...

Given the myriad of ways that the `atexit` behavior can go wrong, I don't think it makes sense to play whack-a-mole trying to patch individual functions for broken invariants. Doing...

@hyc It's not my CI job. While I contribute to OpenSSL and am quite familiar with the problem space, I'm not a decision maker for the project. I work on BoringSSL,...

> mandating applications call OPENSSL_cleanup on their own prior to exit

What exactly does OpenSSL do in atexit that requires this? There is no need to free things like memory...

A correct leak detector should incorporate reachability into how it reports things. We primarily use LSan, which gets this right, and this says valgrind does too: https://developers.redhat.com/blog/2021/04/23/valgrind-memcheck-different-ways-to-lose-your-memory It sounds then...

That doesn't really solve the problem, just makes it worse. The right thing for the libraries wasn't `atexit`. As we've seen throughout all this, `atexit` is a *problem* for libraries....

Ah interesting. Okay, so anyone calling `OPENSSL_cleanup` is probably doing so less out of confusion and more out of the bad documentation. I think the bad documentation is still sufficient...