T Bharath wrote:
>
> Steve i still do not understand that
> Here ctx.digest does not have any memory and when the call
> memcpy((char *)out,(char *)in,in->digest->ctx_size);
> is made,in my case you are copying 96 bytes to ctx.digest and in the
> process overwriting someotherdata.Isnt that true.
No it isn't. The structures are being copied. The actual pointer
ctx->digest is being changed *not* the (invalid) data it points to. So
what you are effectively doing is (among other things):
out->digest = in->digest;
and the in->digest pointer points to a valid EVP_MD structure.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
