On Mon, Feb 18, 2013 at 7:58 AM, Nick <nos...@codesniffer.com> wrote:
> On Mon, 2013-02-18 at 13:22 +0100, Dr. Stephen Henson wrote:
>> Here's what's happening in detail. If you pass a non-NULL pointer for
>> the
>> second parameter it will attempt to reuse the structure.
>>
>> In the case of the RSA structure the outer (RSA *) is allocated via
>> OPENSSL_malloc and so are many internal structures (e.g. BIGNUM key
>> components), which it will also attempt to reuse. So all the internals
>> need to
>> be initialised to something sensible too or it may attempt to free up
>> uninitialised pointers with unpredictable results.
>
> That makes perfect sense, thank you.
It looks like the GCC tool chain has let you down: "C/C++ Option to
Initialize Variables?",
http://gcc.gnu.org/ml/gcc/2013-02/msg00207.html.

Visual Studio has a similar feature for debug builds, and I don't ever
recall being burned by using an uninitialized value since the value
will be distinguished garbage - 0xCDCDCDCD and the like. As soon as I
see it, I know something is not initialized.

Were you compiling with full warnings? If so, you should have been
warned of use of an uninitialized value. If not, you might want to
investigate how the tool chain can help you with reliability and
security (there are lots of opportunities).

Jeff
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
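The reuse semantics Stephen describes are the d2i_X(X **a, const unsigned char **pp, long length) convention: a non-NULL *a is taken as an existing structure whose inner heap members are reused (and their old buffers freed). The following is an added example, not OpenSSL code and not part of the thread: a plain-C model of that convention with no OpenSSL dependency, using a toy encoding constructed for the example ([nlen][n bytes][elen][e bytes], one-byte lengths) and toy_bn/toy_rsa stand-ins for BIGNUM and RSA. It shows the correct calling pattern (out-pointer starts as NULL, second call reuses the object) and spells out, in a comment only, the uninitialized-pointer bug from the thread.

```c
/* Model of OpenSSL's d2i_*() reuse convention in plain C.
 * Added example: the types, encoding and function names are constructed
 * for illustration and are not OpenSSL's. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for a BIGNUM: a heap-allocated byte string. */
typedef struct { unsigned char *d; size_t len; } toy_bn;

/* Stand-in for RSA: an outer struct whose members are themselves heap objects. */
typedef struct { toy_bn *n; toy_bn *e; } toy_rsa;

static toy_bn *toy_bn_new(void) { return calloc(1, sizeof(toy_bn)); }
static void toy_bn_free(toy_bn *b) { if (b) { free(b->d); free(b); } }

toy_rsa *toy_rsa_new(void) { return calloc(1, sizeof(toy_rsa)); }
void toy_rsa_free(toy_rsa *r) {
    if (!r) return;
    toy_bn_free(r->n);
    toy_bn_free(r->e);
    free(r);
}

/* Set *pb to the bytes p[0..len). Reuses *pb if non-NULL (so *pb must be a
 * valid object or NULL), mirroring how d2i reuses inner key components. */
static int toy_bn_set(toy_bn **pb, const unsigned char *p, size_t len) {
    toy_bn *b = *pb ? *pb : toy_bn_new();
    if (!b) return 0;
    unsigned char *nd = realloc(b->d, len ? len : 1);   /* frees/reuses old buffer */
    if (!nd) { if (!*pb) toy_bn_free(b); return 0; }
    memcpy(nd, p, len);
    b->d = nd;
    b->len = len;
    *pb = b;
    return 1;
}

/* Same signature shape as d2i_X(X **a, const unsigned char **pp, long length).
 * If a && *a, the existing structure and its members are reused; therefore
 * *a and everything reachable from it must already be valid (or NULL). */
toy_rsa *d2i_toy_rsa(toy_rsa **a, const unsigned char **pp, long length) {
    const unsigned char *p = *pp;
    if (length < 1) return NULL;
    size_t nlen = p[0];
    if ((long)nlen + 2 > length) return NULL;           /* need n bytes plus elen byte */
    size_t elen = p[1 + nlen];
    if ((long)(2 + nlen + elen) > length) return NULL;  /* need e bytes too */

    toy_rsa *r = (a && *a) ? *a : toy_rsa_new();
    if (!r) return NULL;
    if (!toy_bn_set(&r->n, p + 1, nlen) || !toy_bn_set(&r->e, p + 2 + nlen, elen)) {
        if (!(a && *a)) toy_rsa_free(r);
        return NULL;
    }
    *pp = p + 2 + nlen + elen;
    if (a) *a = r;
    return r;
}

/* The bug from the thread, shown but deliberately not executed (undefined behaviour):
 *
 *     toy_rsa *rsa;                 // no initialiser: holds stack garbage
 *     d2i_toy_rsa(&rsa, &p, len);   // *a != NULL, so the garbage is "reused" and
 *                                   // realloc()/free() run on wild pointers
 *
 * -Wall cannot flag this reliably: the address of rsa escapes into the callee, so
 * the compiler must assume the callee may be the one initialising it.
 */

/* Correct use: out-pointer starts as NULL, so the first call allocates and the
 * second reuses the same object. Returns 1 when reuse happened and contents were replaced. */
int demo_reuse(void) {
    /* Constructed sample encodings: n={01,02} e={03}; then n={AA} e={BB,CC}. */
    static const unsigned char enc1[] = {2, 0x01, 0x02, 1, 0x03};
    static const unsigned char enc2[] = {1, 0xAA, 2, 0xBB, 0xCC};
    const unsigned char *p = enc1;
    toy_rsa *rsa = NULL;                       /* the line that prevents freeing garbage */
    toy_rsa *first = d2i_toy_rsa(&rsa, &p, sizeof enc1);
    if (!first || first != rsa) return 0;

    p = enc2;
    toy_rsa *second = d2i_toy_rsa(&rsa, &p, sizeof enc2);
    int ok = second == first && rsa->n->len == 1 && rsa->n->d[0] == 0xAA
             && rsa->e->len == 2 && rsa->e->d[1] == 0xCC;
    toy_rsa_free(rsa);
    return ok;
}

/* Truncated input must be rejected without touching the out-pointer or *pp. */
int demo_truncated(void) {
    static const unsigned char bad[] = {2, 0x01, 0x02};  /* claims 2-byte n, then nothing */
    const unsigned char *p = bad;
    toy_rsa *rsa = NULL;
    return d2i_toy_rsa(&rsa, &p, sizeof bad) == NULL && rsa == NULL && p == bad;
}

int main(void) {
    printf("reuse ok: %d, truncation rejected: %d\n", demo_reuse(), demo_truncated());
    return 0;
}
```

Two practical notes. First, because the compiler cannot see through the escaped address, the fix is the explicit "= NULL" (or passing NULL for a and taking the return value), not a warning flag. Second, on the toolchain side, clang and GCC 12 and later provide -ftrivial-auto-var-init=zero|pattern: zero-initialisation makes a forgotten "= NULL" harmless for this specific bug, while pattern initialisation turns the silent corruption into a reproducible crash on a recognisable value, the same effect Jeff describes for Visual Studio debug builds.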