Allow NULL pointer in OpenSSL free function anytime
I was trying the SoftHSM plugin along with the OpenSSL PKCS#11 engine today. I found SoftHSM 2.5 would crash in BIND 9.11.5 if used like I did.
I did not use native PKCS#11.
dnssec-keyfromlabel -E pkcs11 -a RSASHA256 -l 'pkcs11:token=DNS;object=DNS2;pin-value=1234' test
The thing is, I reported an issue to SoftHSM, but there is also a failure on the BIND side. I fixed it and it crashed again. mem_free() from lib/dns/openssl_link.c would crash, even if a null pointer is passed to BN_free(). I think INSIST should be moved into if (ptr != NULL).
Or better, would it be possible to remove the custom memory allocator from OpenSSL? Already done on the devel branch in commit 7fc78e7c. It is doing more damage than protection, at least in my experiments with OpenSSL engines.
Is there some place it prevented the leakage?
Edited by Petr Menšík
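A sketch of the ordering change proposed in the report above, added here as an example and not taken from BIND's source. The names `g_pool`, `hook_free_strict`, `hook_free_tolerant` and the counting `INSIST` stand-in (the real macro aborts) are assumptions made so both variants can run in one process.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Stand-in for the allocator context; NULL means "not set up" (assumption). */
struct pool { size_t live; };
static struct pool *g_pool = NULL;
static char sample_obj; /* constructed non-NULL pointer target, never freed */

/* Counting stand-in for an aborting INSIST(), so both hooks run in one process. */
static int insist_failures = 0;
#define INSIST(cond) ((cond) ? 1 : (insist_failures++, 0))

/* Strict hook: invariant checked before the NULL test, so free(NULL) trips it. */
static void hook_free_strict(void *ptr) {
    if (!INSIST(g_pool != NULL)) return;
    if (ptr != NULL) { g_pool->live--; free(ptr); }
}

/* Tolerant hook: free(NULL) is a no-op in any state; real pointers still checked. */
static void hook_free_tolerant(void *ptr) {
    if (ptr == NULL) return;
    if (!INSIST(g_pool != NULL)) return;
    g_pool->live--;
    free(ptr);
}

/* Calls the hook with ptr while no pool exists; returns how many checks tripped. */
static int failures_without_pool(void (*hook)(void *), void *ptr) {
    g_pool = NULL;
    insist_failures = 0;
    hook(ptr);
    return insist_failures;
}

/* Accounts one block against a live pool, frees it via the hook, returns live count. */
static size_t live_after_roundtrip(void (*hook)(void *)) {
    struct pool p = { 0 };
    void *blk = malloc(16);
    if (blk == NULL) return (size_t)-1;
    g_pool = &p;
    p.live++;
    hook(blk);
    g_pool = NULL;
    return p.live;
}

int main(void) {
    printf("strict, NULL: %d\n", failures_without_pool(hook_free_strict, NULL));
    printf("tolerant, NULL: %d\n", failures_without_pool(hook_free_tolerant, NULL));
    printf("tolerant, real: %d\n", failures_without_pool(hook_free_tolerant, &sample_obj));
    printf("live after free: %zu\n", live_after_roundtrip(hook_free_tolerant));
    return 0;
}
```

The tolerant ordering keeps the check for real pointers, so a genuine free against a missing pool is still caught while free(NULL) stays harmless.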