Rich Salz wrote:
Hmm, so OpenSSL is depending on NULL being all-bytes-zero. :)
Funny about that. :-)
It really wouldn't matter what assumption you made. At some point there needs to be a test:
Probably a safe assumption, although theoretically you shouldn't do that.
Is this structure initialized?
And assigning random values to a structure will never allow the test to properly succeed.
Another approach to consider is implementing special XXX_cleanse() functions that are smart about which fields can be randomized and which ones (i.e., pointers) must be set to zero.
But this does make me think that perhaps a better approach is to have a bunch of static instances:
    X509_STORE_CTX nil_x509_store_ctx;
    RSA nil_RSA;
    ...
etc.
Then OPENSSL_cleanse is
    void OPENSSL_cleanse2(volatile void *dest, volatile void *in, size_t s)
    {
        /* memcpy takes unqualified pointers, so cast the volatile away */
        memcpy((void *)dest, (const void *)in, s);
        /* play usual "force used" tricks here */
    }
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List
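
The nil-instance idea from the message above, as an added example that is not part of the original post and not OpenSSL code. The struct demo_key, the function names and the volatile-function-pointer form of the "force used" trick are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical structure standing in for RSA, X509_STORE_CTX, etc. */
struct demo_key {
    unsigned char secret[32];
    unsigned char *extra;   /* NULL means "not allocated" */
    int initialized;
};

/* The nil instance: the initializer yields real null pointers, whatever
 * bit pattern a null pointer has on this platform. */
static const struct demo_key nil_demo_key = {{0}, NULL, 0};

/* Calling memcpy through a volatile function pointer forces a reload of
 * the pointer, so the compiler cannot treat the copy as a dead store. */
static void *(*const volatile copy_fn)(void *, const void *, size_t) = memcpy;

static void cleanse_from_template(void *dest, const void *nil, size_t len)
{
    copy_fn(dest, nil, len);
}

/* The "is this structure initialized?" test discussed in the thread. */
static int demo_key_is_initialized(const struct demo_key *k)
{
    return k->initialized != 0 || k->extra != NULL;
}

/* Fill a key with constructed data, wipe it, then check the result.
 * Returns 0 when the wiped key tests as uninitialized and holds no secret. */
static int demo_wipe_check(void)
{
    static unsigned char buf[4];
    struct demo_key k;
    size_t i;
    int nonzero = 0;

    memset(k.secret, 0xA5, sizeof k.secret);   /* constructed secret */
    k.extra = buf;
    k.initialized = 1;
    if (!demo_key_is_initialized(&k)) return -1;
    cleanse_from_template(&k, &nil_demo_key, sizeof k);
    for (i = 0; i < sizeof k.secret; i++) nonzero |= k.secret[i];
    if (demo_key_is_initialized(&k)) return 1;
    return nonzero ? 2 : 0;
}

int main(void) { return demo_wipe_check(); }
```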
