Lutz Jaenicke wrote:
OpenSSL CVS Repository
http://cvs.openssl.org/
____________________________________________________________________________
Server: cvs.openssl.org Name: Lutz Jaenicke
Root: /v/openssl/cvs Email: [EMAIL PROTECTED]
Module: openssl Date: 16-May-2008 09:14:58
Branch: OpenSSL_0_9_8-stable Handle: 2008051608145800
Modified files: (Branch: OpenSSL_0_9_8-stable)
openssl/crypto/rand randfile.c
Log:
Another occurance of possible valgrind/purify "uninitialized memory"
complaint related to the PRNG: with PURIFY policy don't feed uninitialized
memory into the PRNG.
Submitted by: Bodo Moeller <[EMAIL PROTECTED]> :-)
Summary:
Revision Changes Path
1.47.2.3 +4 -0 openssl/crypto/rand/randfile.c
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openssl/crypto/rand/randfile.c
============================================================================
$ cvs diff -u -r1.47.2.2 -r1.47.2.3 randfile.c
--- openssl/crypto/rand/randfile.c 2 Mar 2007 17:44:55 -0000 1.47.2.2
+++ openssl/crypto/rand/randfile.c 16 May 2008 07:14:58 -0000 1.47.2.3
@@ -127,7 +127,11 @@
i=fread(buf,1,n,in);
if (i <= 0) break;
/* even if n != i, use the full array */
This comment should be inside the #else clause :-)
+#ifdef PURIFY
+ RAND_add(buf,i,(double)i);
+#else
RAND_add(buf,n,(double)i);
+#endif
ret+=i;
if (bytes > 0)
{
@@ .
______________________________________________________________________
OpenSSL Project http://www.openssl.org
CVS Repository Commit List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
--
http://www.apache-ssl.org/ben.html http://www.links.org/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
