From 78b10493a91934558bc135e1b7b2ac227340d875 Mon Sep 17 00:00:00 2001 From: Eugene Syromiatnikov Date: Thu, 31 Jul 2025 15:21:01 +0200 Subject: [PATCH] OPENSSL_secure_malloc.pod: articulate possibly non-secure pointer being returned MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit The semantics of OPENSSL_secure_[mz]alloc is somewhat unorthodox, as it silently returns a pointer to non-secure memory if the arena is not initialised, which, while mentioned in the DESCRIPTION, is not clear from reading the pertaining part of the RETURNING VALUE section alone; explicitly state that the memory may be allocated by OPENSSL_calloc instead if the secure heap is not initialised. Signed-off-by: Eugene Syromiatnikov Reviewed-by: Saša Nedvědický Reviewed-by: Matt Caswell Reviewed-by: Paul Dale Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/28059) --- doc/man3/OPENSSL_secure_malloc.pod | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/doc/man3/OPENSSL_secure_malloc.pod b/doc/man3/OPENSSL_secure_malloc.pod index f887da4c11..e9586be0eb 100644 --- a/doc/man3/OPENSSL_secure_malloc.pod +++ b/doc/man3/OPENSSL_secure_malloc.pod @@ -137,8 +137,9 @@ but CRYPTO_secure_malloc_done() has not been called or failed) or 0 if not. OPENSSL_secure_malloc(), CRYPTO_secure_malloc(), OPENSSL_secure_zalloc(), CRYPTO_secure_zalloc(), OPENSSL_secure_malloc_array(), CRYPTO_secure_malloc_array(), OPENSSL_secure_calloc(), and CRYPTO_secure_calloc() -return a pointer into the secure heap of the requested size, -or C if memory could not be allocated. +return a pointer into the secure heap of the requested size, if it is +initialised, a pointer returned by the underlying OPENSSL_malloc() call, +if it is not, or C on error. CRYPTO_secure_allocated() returns 1 if the pointer is in the secure heap, or 0 if not. -- 2.47.2
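Review bot: In the three added lines of the return-value paragraph, the fallback allocator is named as OPENSSL_malloc(), while the commit message says the memory may be allocated by OPENSSL_calloc. The sentence covers the zalloc and calloc variants as well as the malloc ones, so the wording should either match the commit message or refer to the fallback generically, for example "a pointer returned by the corresponding non-secure allocation function". The added sentence is also hard to parse: in "of the requested size, if it is initialised" the pronoun "it" attaches to the size rather than to the secure heap, and the chain of comma-separated conditions hides the fact that there are three distinct outcomes. Consider splitting it, for example "If the secure heap is initialised, ... return a pointer into it; otherwise they return a pointer obtained from ...; on error they return ...". Since the next context line already documents CRYPTO_secure_allocated(), a short cross-reference telling callers to use it to determine which kind of pointer they received would make the caveat actionable for code that relies on the secure heap for key material.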