Using memcpy on overlapping regions of memory is undefined behavior in C. In engines/ccgost/gosthash.c, the circle_xor8() function uses memcpy to copy data between the two arrays passed as arguments, but in some cases (e.g., the third call to circle_xor8 in hash_step() in the same file) the two arguments are identical. Use memmove instead to avoid any problems.
Nickolai. --- openssl-1.0.1c/engines/ccgost/gosthash.c 2009-12-22 06:52:15.000000000 -0500 +++ openssl-1.0.1c/engines/ccgost/gosthash.c 2013-01-07 15:56:39.716975869 -0500 @@ -42,7 +42,7 @@ byte buf[8]; int i; memcpy(buf,w,8); - memcpy(k,w+8,24); + memmove(k,w+8,24); for(i=0;i<8;i++) k[i+24]=buf[i]^k[i]; } ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org