summaryrefslogtreecommitdiffstats
path: root/secure/lib/libcrypto
diff options
context:
space:
mode:
Diffstat (limited to 'secure/lib/libcrypto')
-rw-r--r--secure/lib/libcrypto/man/d2i_X509.310
1 files changed, 9 insertions, 1 deletions
diff --git a/secure/lib/libcrypto/man/d2i_X509.3 b/secure/lib/libcrypto/man/d2i_X509.3
index 4dfb31a..ead4c2b 100644
--- a/secure/lib/libcrypto/man/d2i_X509.3
+++ b/secure/lib/libcrypto/man/d2i_X509.3
@@ -342,6 +342,12 @@ In some versions of OpenSSL the \*(L"reuse\*(R" behaviour of \fId2i_X509()\fR wh
persist if they are not present in the new one. As a result the use
of this \*(L"reuse\*(R" behaviour is strongly discouraged.
.PP
+Current versions of OpenSSL will not modify \fB*px\fR if an error occurs.
+If parsing succeeds then \fB*px\fR is freed (if it is not \s-1NULL\s0) and then
+set to the value of the newly decoded structure. As a result \fB*px\fR
+\&\fBmust not\fR be allocated on the stack or an attempt will be made to
+free an invalid pointer.
+.PP
\&\fIi2d_X509()\fR will not return an error in many versions of OpenSSL,
if mandatory fields are not initialized due to a programming error
then the encoded structure may contain invalid data or omit the
@@ -352,7 +358,9 @@ always succeed.
.IX Header "RETURN VALUES"
\&\fId2i_X509()\fR, \fId2i_X509_bio()\fR and \fId2i_X509_fp()\fR return a valid \fBX509\fR structure
or \fB\s-1NULL\s0\fR if an error occurs. The error code that can be obtained by
-\&\fIERR_get_error\fR\|(3).
+\&\fIERR_get_error\fR\|(3). If the \*(L"reuse\*(R" capability has been used
+with a valid X509 structure being passed in via \fBpx\fR then the object is not
+modified in the event of error.
.PP
\&\fIi2d_X509()\fR returns the number of bytes successfully encoded or a negative
value if an error occurs. The error code can be obtained by
OpenPOWER on IntegriCloud