Hacker News
The pandemic of incomplete OpenSSL error handling
7 points by teddyh | 1 comment
thesuperbigfrog
Recklessly discarding OpenSSL errors is really bad and could lead to security vulnerabilities.
Calling ERR_clear_error before operations is widely recommended (https://github.com/openssl/openssl/discussions/23025), which matches the blog author's point.
How widespread is this OpenSSL error discarding practice? It might explain a lot of security vulnerabilities.
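The recommendation in the comment above, as an added example that is not part of the thread or of OpenSSL's code: a simplified C model of a per-thread error queue, showing how an entry left behind by a discarded failure makes a later "no data yet" read look fatal. All function names are hypothetical stand-ins, with `err_clear` in the role of `ERR_clear_error`.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model of a per-thread error queue; every name here is hypothetical. */
enum verdict { V_OK, V_WANT_READ, V_FATAL };
static unsigned long queue[8];
static int queue_len;

static void err_put(unsigned long code) { if (queue_len < 8) queue[queue_len++] = code; }
static void err_clear(void) { queue_len = 0; }  /* role of ERR_clear_error() */

/* Role of an ERR_get_error() loop: report and remove every queued entry. */
static int err_drain(const char *where) {
    int n = queue_len;
    for (int i = 0; i < n; i++) fprintf(stderr, "%s: error 0x%lx\n", where, queue[i]);
    queue_len = 0;
    return n;
}

/* A call that fails and leaves an entry behind, like a failed key parse. */
static int parse_key(const char *pem) {
    if (strncmp(pem, "-----BEGIN", 10) == 0) return 1;
    err_put(0x1001UL);  /* constructed error code */
    return 0;
}

/* Non-blocking read: "no data yet" returns -1 and queues nothing. */
static int tls_read(int data_ready) { return data_ready ? 16 : -1; }

/* Role of SSL_get_error(): it consults the queue, so a stale entry looks fatal. */
static enum verdict classify(int ret) {
    if (ret > 0) return V_OK;
    return queue_len > 0 ? V_FATAL : V_WANT_READ;
}

/* Discard a parse failure, then attempt a read that merely has no data yet. */
static enum verdict read_after_discarded_failure(int clear_first) {
    queue_len = 0;                     /* each scenario starts clean */
    (void)parse_key("not a PEM key");  /* result ignored, queue not drained */
    if (clear_first) err_clear();      /* the recommended call before the operation */
    return classify(tls_read(0));
}

/* Handling the failure where it happens leaves nothing for later calls to trip on. */
static int parse_key_checked(const char *pem) {
    err_clear();
    return parse_key(pem) ? 0 : err_drain("parse_key");  /* entries reported */
}
int main(void) {
    printf("no clear: %d, clear first: %d\n", read_after_discarded_failure(0), read_after_discarded_failure(1));
    printf("entries drained at the failure site: %d\n", parse_key_checked("not a PEM key"));
    return 0;
}
```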