Hi Eugene, ISO/IEC 9899 doesn't discuss this directly, but says in section 6.7.5.1:
"... const int *ptr_to_constant; int *const constant_ptr; The contents of any object pointed to by ptr_to_constant shall not be modified through that pointer..." in BN_sub, "b" is a const BIGNUM *, hence the content referenced by it may not be modified _through b_. The content (*b) cannot be placed in read-only storage as it is referenced, not created, by this declaration. This implies that it's OK to modify it _through r_. If you were to create a const BIGNUM Z, then attempt to BN_sub(&Z, n, &Z) then you would be violating constness by passing Z as the first (non-const) argument. As it stands, however, the code looks fine to me. -Yair -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Wednesday, January 30, 2008 5:16 PM To: openssl-dev@openssl.org Subject: Re: memory corruption after usin BN_mod_inverse Hi, Yair Elharrar! > Sorry, I don't think that breaks any const rules. > See explanation and example in ISO/IEC 14882 section 7.1.5.1. First of all, OpenSSL was written in C, so ISO/IEC 14882 is not a subject to reffer to (it is the C++ standard). Let's see in ISO/IEC 9899 section 6.7.3: "The implementation may place a const object that is not volatile in a read-only region of storage." That's enough. Then, if you look in BN_sub you'll easy understand that behavior will be undefined if r and b point to the same object. -- Eugene. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED] This email and any files transmitted with it are confidential material. They are intended solely for the use of the designated individual or entity to whom they are addressed. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, use, distribution or copying of this communication is strictly prohibited and may be unlawful. If you have received this email in error please immediately notify the sender and delete or destroy any copy of this message ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]