fix: check PEM write return values in key export functions #120

Merged
atoomic merged 2 commits into cpan-authors:main from toddr-bot:koan.toddr.bot/fix-pem-write-error-checks
Mar 19, 2026

Contributor

@toddr-bot toddr-bot commented Mar 18, 2026

Summary

  • Check return values of PEM_write_bio_PrivateKey_traditional(), PEM_write_bio_RSAPublicKey(), and PEM_write_bio_PUBKEY() in the three key export functions
  • Free the BIO and croak with the OpenSSL error on failure instead of silently returning garbage/partial PEM data
  • Remove trailing semicolon from PEM_write_bio_PUBKEY macro on OpenSSL 3.x path

Test plan

  • make test — all 476 tests pass
  • Build clean on OpenSSL 3.5.1

🤖 Generated with Claude Code


Quality Report

Changes: 1 file changed, 17 insertions(+), 5 deletions(-)

Code scan: clean

Tests: passed (OK)

Branch hygiene: clean

Generated by Kōan post-mission quality pipeline
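
The pattern the summary above describes, as an added illustration that is not code from this pull request or the project. `sink_t`, `sink_write`, the two `WRITE_*` macros and the `export_*` functions are hypothetical stand-ins for the BIO, the `PEM_write_bio_*()` calls and the key export functions, modeled without OpenSSL so the block runs on its own.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a memory BIO: a small fixed-capacity buffer. */
typedef struct { char buf[64]; size_t len; } sink_t;

/* Stand-in for a PEM_write_bio_*() call: returns 1 on success and 0 on
 * failure, and can leave partial output behind when it fails. */
static int sink_write(sink_t *s, const char *pem) {
    size_t n = strlen(pem), room = sizeof s->buf - 1 - s->len;
    size_t take = n < room ? n : room;
    memcpy(s->buf + s->len, pem, take);
    s->len += take;
    return take == n;
}

/* A wrapper macro ending in ';' only works as a statement:
 * `if (!WRITE_STMT(s, p))` expands to `if (!sink_write(s, p);)`. */
#define WRITE_STMT(s, pem) sink_write((s), (pem));
#define WRITE_EXPR(s, pem) sink_write((s), (pem))

/* Copy the sink contents into a caller-owned string and release the sink. */
static char *sink_finish(sink_t *s) {
    char *out = malloc(s->len + 1);
    if (out) { memcpy(out, s->buf, s->len); out[s->len] = '\0'; }
    free(s);
    return out;
}

/* Before: the write result is discarded, so a failed write still returns
 * whatever partial data reached the sink. */
char *export_unchecked(const char *pem) {
    sink_t *s = calloc(1, sizeof *s);
    if (!s) return NULL;
    WRITE_STMT(s, pem)
    return sink_finish(s);
}

/* After: check the result, free the sink, and report the error. */
char *export_checked(const char *pem, const char **err) {
    sink_t *s = calloc(1, sizeof *s);
    *err = NULL;
    if (!s) { *err = "allocation failed"; return NULL; }
    if (!WRITE_EXPR(s, pem)) {
        free(s);
        *err = "PEM write failed";
        return NULL;
    }
    return sink_finish(s);
}
```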

Member

@timlegge timlegge left a comment

actually passing lgtm

@timlegge timlegge marked this pull request as ready for review March 19, 2026 02:19
@timlegge timlegge requested a review from atoomic March 19, 2026 02:45
Collaborator

@atoomic atoomic left a comment

LGTM I would suggest a macro to avoid that boilerplate

Collaborator

atoomic commented Mar 19, 2026

@toddr-bot Rebase

@atoomic atoomic self-assigned this Mar 19, 2026
toddr-bot and others added 2 commits March 19, 2026 02:59
PEM_write_bio_PrivateKey_traditional(), PEM_write_bio_RSAPublicKey(),
and PEM_write_bio_PUBKEY() return values were unchecked. On failure,
callers would silently return garbage/partial PEM data instead of
croaking with an OpenSSL error.

Also removes a trailing semicolon from the PEM_write_bio_PUBKEY macro
on the OpenSSL 3.x path that prevented using the return value in
expressions.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@toddr-bot toddr-bot force-pushed the koan.toddr.bot/fix-pem-write-error-checks branch from 92a61e0 to cd17688 Compare March 19, 2026 03:00
Contributor Author

Rebase: fix: check PEM write return values in key export functions

Branch koan.toddr.bot/fix-pem-write-error-checks rebased onto main and force-pushed.

Diff: 1 file changed, 7 insertions(+), 5 deletions(-)

Review feedback was analyzed and applied.

Actions

  • Rebased koan.toddr.bot/fix-pem-write-error-checks onto upstream/main
  • Applied review feedback
  • Force-pushed koan.toddr.bot/fix-pem-write-error-checks to origin
  • CI passed

CI

CI passed.


Automated by Kōan

@atoomic atoomic merged commit 338ca74 into cpan-authors:main Mar 19, 2026
27 checks passed