[EMAIL PROTECTED] wrote:
I must ask if you compiled OpenSSL with the 'PURIFY' option.
My build is substantially silenced: only two distinct valgrind 'uninitialiased
value' errors when using my custom rand replacement. This is throughout a full
regression test of my software.
I did not use the purify option - there are only two purify ifdefs in all the
openssl code. Both unrelated.
This problem is in BM_get_flags() - flags should be initialized, surely?
Please compile OpenSSL with -DPURIFY and retest.
Then create the smallest test case that is able to reproduce the warning.
This way someone can investigate the reason, the potential security
risk, etc...
Darryl
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]