Hello,
My compiler (gcc 4.2.1) complains with:
piv-tool.c: In function ‘main’:
piv-tool.c:347: warning: ‘x’ is used uninitialized in this function
piv-tool.c:335: note: ‘x’ was declared here
piv-tool.c:348: warning: ‘y’ is used uninitialized in this function
piv-tool.c:336: note: ‘y’ was declared here
piv-tool.c:264: warning: ‘nid’ may be used uninitialized in this function
piv-tool.c:264: note: ‘nid’ was declared here
The code does:
BIGNUM *x;
BIGNUM *y;
x = BN_bin2bn(keydata.ecpoint + 1, i, x);
y = BN_bin2bn(keydata.ecpoint + 1 + i, i, y) ;
So x and y are used in BN_bin2bn with an undefined value.
According to bn_bin2bn manpage [1]:
BN_bin2bn() converts the positive integer in big-endian form of
length len at s into a BIGNUM and places it in ret. If ret is NULL, a
new BIGNUM is created.
Maybe the code should be:
x = BN_bin2bn(keydata.ecpoint + 1, i, NULL);
y = BN_bin2bn(keydata.ecpoint + 1 + i, i, NULL) ;
Also nid is not initialized in all cases. I don't know what default
value to use.
Bye
[1] http://www.openssl.org/docs/crypto/BN_bn2bin.html
--
Dr. Ludovic Rousseau
_______________________________________________
opensc-devel mailing list
[email protected]
http://www.opensc-project.org/mailman/listinfo/opensc-devel
