Daniel Brahneborg via RT wrote: > Hi, > > I'm using Valgrind to debug a program that uses the OpenSSL > libraries, and got warnings about uninitialized data in the > function RSA_padding_add_PKCS1_type_2(), on the line with > "} while (*p == '\0');" (line 171 in version 0.9.7a). The > following patch ensures that the data is always modified, > something that the bytes() method obviously fails to do.
If it's a bug in bytes() why do you change RAND_bytes(), wouldn't it be more appropriate to patch the bytes() function of the correspondig RAND_METHOD ? RAND_bytes() is only a wrapper function to call the bytes() function from the RAND_METHOD object (if existing). Regards, Nils ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
