-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello Lutz,
why not...
Lutz Jaenicke wrote:
> patch -p0 <<'@@ .'
> Index: openssl/crypto/rand/rand_lib.c
> ============================================================================
> $ cvs diff -u -r1.16 -r1.17 rand_lib.c
> --- openssl/crypto/rand/rand_lib.c 30 Jan 2003 17:39:23 -0000 1.16
> +++ openssl/crypto/rand/rand_lib.c 2 Mar 2007 17:54:51 -0000 1.17
> @@ -154,6 +154,7 @@
> int RAND_bytes(unsigned char *buf, int num)
> {
> const RAND_METHOD *meth = RAND_get_rand_method();
> if (meth && meth->bytes)
> return meth->bytes(buf,num);
+ memset(buf, 0, num);
> return(-1);
> @@ -162,6 +163,7 @@
> int RAND_pseudo_bytes(unsigned char *buf, int num)
> {
> const RAND_METHOD *meth = RAND_get_rand_method();
> if (meth && meth->pseudorand)
> return meth->pseudorand(buf,num);
+ memset(buf, 0, num);
> return(-1);
This way memset() will only be called in error case.
In the normal case the (not needed) memset will
not waste processor cycles...
This is a workaround for people that use debuging tools
that generate results they can't understand.
Bye
Goetz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFF6IG82iGqZUF3qPYRAsxeAKCD8YmCuSeZtWafatkPzTucLfeJEACfQZks
IYF84gloJki7bH4uYidlbrs=
=P0Kp
-----END PGP SIGNATURE-----
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
