RE: memory corruption after usin BN_mod_inverse

Wed, 30 Jan 2008 07:46:50 -0800 

Hi Eugene,
ISO/IEC 9899 doesn't discuss this directly, but says in section 6.7.5.1:

"...    const int *ptr_to_constant;
        int *const constant_ptr;
The contents of any object pointed to by ptr_to_constant shall not be modified 
through that pointer..."

in BN_sub, "b" is a const BIGNUM *, hence the content referenced by it may not 
be modified _through b_.
The content (*b) cannot be placed in read-only storage as it is referenced, not 
created, by this declaration.
This implies that it's OK to modify it _through r_.

If you were to create a const BIGNUM Z, then attempt to BN_sub(&Z, n, &Z) then 
you would be violating constness by passing Z as the first (non-const) 
argument. As it stands, however, the code looks fine to me.

-Yair


-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Wednesday, January 30, 2008 5:16 PM
To: openssl-dev@openssl.org
Subject: Re: memory corruption after usin BN_mod_inverse


Hi, Yair Elharrar!

> Sorry, I don't think that breaks any const rules.
> See explanation and example in ISO/IEC 14882 section 7.1.5.1.

First of all, OpenSSL was written in C, so ISO/IEC 14882 is not a
subject to reffer to (it is the C++ standard).

Let's see in ISO/IEC 9899 section 6.7.3:
"The implementation may place a const object that is not volatile in a
read-only region of storage." That's enough.

Then, if you look in BN_sub you'll easy understand that behavior will
be undefined if r and b point to the same object.

--
 Eugene.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

This email and any files transmitted with it are confidential material. They 
are intended solely for the use of the designated individual or entity to whom 
they are addressed. If the reader of this message is not the intended 
recipient, you are hereby notified that any dissemination, use, distribution or 
copying of this communication is strictly prohibited and may be unlawful.

If you have received this email in error please immediately notify the sender 
and delete or destroy any copy of this message
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to