Re: [CVS] OpenSSL: openssl/crypto/rand/ rand_lib.c

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Re: [CVS] OpenSSL: openssl/crypto/rand/ rand_lib.c

Goetz Babin-Ebell
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello Lutz,

why not...

Lutz Jaenicke wrote:

>   patch -p0 <<'@@ .'
>   Index: openssl/crypto/rand/rand_lib.c
>   ============================================================================
>   $ cvs diff -u -r1.16 -r1.17 rand_lib.c
>   --- openssl/crypto/rand/rand_lib.c 30 Jan 2003 17:39:23 -0000 1.16
>   +++ openssl/crypto/rand/rand_lib.c 2 Mar 2007 17:54:51 -0000 1.17
>   @@ -154,6 +154,7 @@
>    int RAND_bytes(unsigned char *buf, int num)
>     {
>     const RAND_METHOD *meth = RAND_get_rand_method();
>     if (meth && meth->bytes)
>     return meth->bytes(buf,num);
+ memset(buf, 0, num);
>     return(-1);
>   @@ -162,6 +163,7 @@
>    int RAND_pseudo_bytes(unsigned char *buf, int num)
>     {
>     const RAND_METHOD *meth = RAND_get_rand_method();
>     if (meth && meth->pseudorand)
>     return meth->pseudorand(buf,num);
+ memset(buf, 0, num);
>     return(-1);

This way memset() will only be called in error case.
In the normal case the (not needed) memset will
not waste processor cycles...

This is a workaround for people that use debuging tools
that generate results they can't understand.


Bye

Goetz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFF6IG82iGqZUF3qPYRAsxeAKCD8YmCuSeZtWafatkPzTucLfeJEACfQZks
IYF84gloJki7bH4uYidlbrs=
=P0Kp
-----END PGP SIGNATURE-----
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]