* Harald Koch ([EMAIL PROTECTED]) wrote: > In message <[EMAIL PROTECTED]>, Richard Levitte - VMS >Whacker writes: > > > > In message <[EMAIL PROTECTED]> on Thu, 20 Feb 2003 10:06:55 +0300, >Solar Designer <[EMAIL PROTECTED]> said: > > > > solar> --- openssl-0.9.6h/crypto/x509/x509_vfy.c Thu Nov 28 11:06:30 2002 > > solar> +++ openssl-0.9.6i/crypto/x509/x509_vfy.c Tue Dec 10 11:28:16 2002 > > solar> @@ -897,7 +897,7 @@ > > solar> ctx->chain=NULL; > > solar> } > > solar> CRYPTO_free_ex_data(x509_store_ctx_method,ctx,&(ctx->ex_data)); > > solar> - OPENSSL_cleanse(&ctx->ex_data,sizeof(CRYPTO_EX_DATA)); > > solar> + memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA)); > > solar> } > > solar> > > solar> Is this change intentional, it appears to undo the change introduced > > solar> between 0.9.6g and 0.9.6h? > > > > Yes. ex_data is a pointer, need I say more? :-) > > What's wrong with the much simpler "ctx->ex_data = 0;" then?
erm, ex_data is not a pointer, it is a CRYPTO_EX_DATA structure. &ex_data is a pointer, of course. Anyway, looking at the implementation of CRYPTO_free_ex_data(), I can't understand why any cleanse/memset is required anyway? Richard - did you change it just as part of the memset->cleanse audit, or is there a reason in this specific case that some sanitisation is required? Cheers, Geoff -- Geoff Thorpe [EMAIL PROTECTED] http://www.openssl.org/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
