diff options
Diffstat (limited to 'secure/lib/libcrypto')
-rw-r--r-- | secure/lib/libcrypto/man/d2i_X509.3 | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/secure/lib/libcrypto/man/d2i_X509.3 b/secure/lib/libcrypto/man/d2i_X509.3 index 4dfb31a..ead4c2b 100644 --- a/secure/lib/libcrypto/man/d2i_X509.3 +++ b/secure/lib/libcrypto/man/d2i_X509.3 @@ -342,6 +342,12 @@ In some versions of OpenSSL the \*(L"reuse\*(R" behaviour of \fId2i_X509()\fR wh persist if they are not present in the new one. As a result the use of this \*(L"reuse\*(R" behaviour is strongly discouraged. .PP +Current versions of OpenSSL will not modify \fB*px\fR if an error occurs. +If parsing succeeds then \fB*px\fR is freed (if it is not \s-1NULL\s0) and then +set to the value of the newly decoded structure. As a result \fB*px\fR +\&\fBmust not\fR be allocated on the stack or an attempt will be made to +free an invalid pointer. +.PP \&\fIi2d_X509()\fR will not return an error in many versions of OpenSSL, if mandatory fields are not initialized due to a programming error then the encoded structure may contain invalid data or omit the @@ -352,7 +358,9 @@ always succeed. .IX Header "RETURN VALUES" \&\fId2i_X509()\fR, \fId2i_X509_bio()\fR and \fId2i_X509_fp()\fR return a valid \fBX509\fR structure or \fB\s-1NULL\s0\fR if an error occurs. The error code that can be obtained by -\&\fIERR_get_error\fR\|(3). +\&\fIERR_get_error\fR\|(3). If the \*(L"reuse\*(R" capability has been used +with a valid X509 structure being passed in via \fBpx\fR then the object is not +modified in the event of error. .PP \&\fIi2d_X509()\fR returns the number of bytes successfully encoded or a negative value if an error occurs. The error code can be obtained by |