Hi,

We are using Sentry (a C/C++ static analysis tool) to analyze
openssl on a nightly basis. Sentry found that an uninitialized variable
was recently introduced in commits 1.76 and 1.57.2.3.2.13.

You can see the commit here,
  http://cvs.openssl.org/filediff?f=openssl/ssl/t1_enc.c&v1=1.75&v2=1.76

The important lines are,
    unsigned char *val;             <- uninitialized variable val
    ...
    buff = OPENSSL_malloc(olen);
    if (buff == NULL) goto err2;    <- malloc returned NULL 
    ...
  err2:
    ...
  ret:
    if (buff != NULL) OPENSSL_free(buff);
    if (val != NULL) OPENSSL_free(val); <- uninitialized variable val used
    ...

Since the variable is uninitialized, it could be non-NULL, which if
passed to OPENSSL_free could potentially cause a crash.

A solution to this problem would be to assign val to 0.

Thanks,
Chris

-- 
Chris Wilson
http://vigilantsw.com/
Vigilant Software, LLC
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
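The pattern in the report, as an added C example that is not part of the email or of OpenSSL's code: a hardened version of the goto-based cleanup in which every pointer the shared label frees is initialised before the first early exit, plus a small harness that forces the first allocation to fail so the exact path in the report (jump to err2 before val is ever assigned) is exercised. test_malloc, derive_hardened and run_scenario are hypothetical names introduced here; the XOR "derivation" is a stand-in for the real key expansion.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical allocation wrapper (not OpenSSL's OPENSSL_malloc): it can be
 * told to return NULL on the Nth call so the early-exit path is exercised. */
static int fail_on_call = 0;   /* 0 = never fail; N = fail on the Nth call */
static int call_count = 0;

static void *test_malloc(size_t n)
{
    call_count++;
    if (fail_on_call != 0 && call_count == fail_on_call)
        return NULL;
    return malloc(n);
}

/*
 * Hardened form of the pattern in the report. The defect was:
 *
 *     unsigned char *val;                 <- never initialised
 *     buff = OPENSSL_malloc(olen);
 *     if (buff == NULL) goto err2;        <- jumps past the assignment to val
 *     ...
 *   ret:
 *     if (val != NULL) OPENSSL_free(val); <- reads an indeterminate pointer
 *
 * The fix: give every pointer the shared cleanup label touches a defined
 * value before any goto can reach that label.
 */
int derive_hardened(size_t olen, size_t vlen, unsigned char *out, size_t outlen)
{
    unsigned char *buff = NULL;
    unsigned char *val = NULL;   /* the fix: free(NULL) is a no-op */
    int rc = -1;
    size_t i;

    buff = test_malloc(olen);
    if (buff == NULL)
        goto err2;               /* first early exit: val is NULL, not garbage */
    memset(buff, 0xAA, olen);

    val = test_malloc(vlen);
    if (val == NULL)
        goto err2;
    memset(val, 0x55, vlen);

    /* Toy stand-in for the real derivation: XOR the two buffers into out. */
    for (i = 0; i < outlen && i < olen && i < vlen; i++)
        out[i] = buff[i] ^ val[i];
    rc = 0;
    goto ret;

err2:
    rc = -1;
ret:
    if (buff != NULL) free(buff);
    if (val != NULL) free(val);  /* safe on every path into ret */
    return rc;
}

/* Drive one scenario: fail_at = 0 (no failure), 1 (buff alloc fails),
 * 2 (val alloc fails). Returns derive_hardened's result, or -2 if the
 * success-path output is wrong. */
int run_scenario(int fail_at)
{
    unsigned char out[16];
    int rc;
    size_t i;

    fail_on_call = fail_at;
    call_count = 0;
    memset(out, 0, sizeof out);
    rc = derive_hardened(16, 16, out, sizeof out);
    if (rc == 0)
        for (i = 0; i < sizeof out; i++)
            if (out[i] != 0xFF)   /* 0xAA ^ 0x55 */
                return -2;
    return rc;
}

int main(void)
{
    printf("no failure:       rc=%d\n", run_scenario(0));
    printf("buff alloc fails: rc=%d\n", run_scenario(1));
    printf("val alloc fails:  rc=%d\n", run_scenario(2));
    return 0;
}
```

Forcing the allocation failure is the check that matters: in a normal run the first goto is never taken, so the indeterminate read in the original code is invisible to tests and only shows up under memory pressure. Compiling the original shape with warnings enabled (-Wall, or a static analyzer as in the report) or running the failure scenario under a memory checker are the two routine ways to surface this class of defect before it ships.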
