Thursday, February 26, 2009


Everybody knows. It's written in all programming language textbooks (I hope). Always check function return values. As you learn more and more, you learn that there are two types of functions: those whose return values need to be checked (I'll refer to them as important functions) and other functions.

Even though it is sometimes debatable which group a function belongs to (and it depends on the laziness and carelessness of the specific developer), there are many functions where no such discussion is needed.

One example of an important function is EVP_VerifyFinal(), which is part of the OpenSSL library. The function is used as part of signature verification, so (hopefully) only a complete idiot would dare not to check the return value.

Unfortunately, the function is so complicated that it can return three possible values: verification success, verification failure and error. This is clearly written in the manual page. Since this part of the documentation is extremely clear, I wonder why a search for EVP_VerifyFinal on the National Vulnerability Database displays 10 results of (somehow) important applications which do not check the return values of the function.

Since the return values are described clearly in the documentation, I'm surprised that the return values are not (correctly) checked. The only reason I can think of so far is that the author did not read the documentation. Since the function is really important (it's part of secure connection initialization!), the author should use it in a proper way. Which means - according to the documentation...
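The difference between a boolean-style check and a strict check of the three documented results (1 for a correct signature, 0 for an incorrect one, -1 for an error) is shown below. This is an added example, not code from the post or from OpenSSL; `verify_final_stub`, `accept_boolean_check`, `accept_strict_check` and `count_wrongly_accepted` are hypothetical names, and the stub stands in for the real EVP_VerifyFinal() call so the program builds without the library.

```c
#include <stdio.h>

/* Results documented for EVP_VerifyFinal(): 1 = signature correct,
 * 0 = signature incorrect, -1 = some other error occurred. */
enum { SIG_ERROR = -1, SIG_BAD = 0, SIG_OK = 1 };

/* Hypothetical stand-in for the real call (assumption of this example):
 * it simply returns the outcome the caller asks it to simulate. */
static int verify_final_stub(int simulated_outcome)
{
    return simulated_outcome;
}

/* Flawed pattern: the result is treated as a boolean. -1 is non-zero,
 * so an error during verification falls through to "accepted". */
int accept_boolean_check(int simulated_outcome)
{
    if (!verify_final_stub(simulated_outcome))
        return 0;               /* rejected only when the result is 0 */
    return 1;                   /* accepted for 1 and also for -1 */
}

/* Correct pattern: only the exact value 1 means "verified"; both 0 and
 * -1 are rejected, so the caller fails closed on errors. */
int accept_strict_check(int simulated_outcome)
{
    return verify_final_stub(simulated_outcome) == 1;
}

/* Counts the outcomes that the boolean check accepts although the
 * signature was not verified. */
int count_wrongly_accepted(void)
{
    static const int outcomes[] = { SIG_OK, SIG_BAD, SIG_ERROR };
    int n = 0;
    for (size_t i = 0; i < sizeof outcomes / sizeof outcomes[0]; i++)
        if (outcomes[i] != SIG_OK && accept_boolean_check(outcomes[i]))
            n++;
    return n;
}

int main(void)
{
    static const int outcomes[] = { SIG_OK, SIG_BAD, SIG_ERROR };
    for (size_t i = 0; i < 3; i++)
        printf("result %2d: boolean check accepts=%d, strict check accepts=%d\n",
               outcomes[i], accept_boolean_check(outcomes[i]),
               accept_strict_check(outcomes[i]));
    return 0;
}
```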

Conclusion: RTFM!
