Re: Unclear docs -- request clarification on X509_STORE_add_cert

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 1/2/2018 19:36, Dave Coombs wrote:
The observation is correct, but the conclusion is wrong.
The object is reference counted, and X509_free() is needed
to avoid a leak (when the store is freed along with the
context).

My apologies -- I assumed based on its name that X509_OBJECT_up_ref_count was upping the refcount on the internal X509_OBJECT, which had taken over the X509*, which led to my conclusion that freeing the X509_STORE frees the X509 too.  However, you're right, it ups the refcount on the underlying X509, and so the caller *should* free the underlying object when finished with it.

I've now confirmed with a quick test program and valgrind.

Oops,
  -Dave
Thanks.

--
Karl Denninger
karl@xxxxxxxxxxxxx
The Market Ticker
[S/MIME encrypted email preferred]

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux