Hello Steve, On Sun, 2004-11-14 at 00:48, Stephen Henson via RT wrote: > > + die(os.length <= sizeof ret->session_id);
> > OPENSSL_assert(os.length <= sizeof ret->session_id); > would also keep os.length <= sizeof ret->session_id. So the following > memcpy() can never overflow the buffer. You are correct. Thanks for clearing this up. It's the '<=' operator in the original die() that confused me. But since this is about a memcpy() and not a copy to an indexed char * there is indeed no danger of an overflow here. Leonard. -- mount -t life -o ro /dev/dna /genetic/research ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
