Thanks for the report, I just committed a fix. Ticket resolved. [EMAIL PROTECTED] - Tue May 27 08:33:05 2003]:
> Hi, > I came upon a bounds bug in the testsuite program destest.c and > set_key.c . I have > attached the snippet of code from the files. > The problem is that in the loop in destest.c the variable i is > incremented till i = NUM_TESTS - 2 (32). The following call > to DES_set_key_unchecked using &key_data[i+2](an out of bounds pointer, > since key_data is of size NUM_TESTS )and the dereference of this pointer > in DES_set_key_unchecked constitutes a bounds error. Interestingly this > bug doesnt seem to have any significant impact because the location > referenced contains all zeros(in all of my test runs). A bounds checking > compiler which I am using caught this violation. I also checked the > current snapshot which has the same problem. > I will appreciate your comment on this. > Thanks > > tunji > -- Richard Levitte [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
