Darryl Miles <[EMAIL PROTECTED]> writes:
[...]
> So the -DPURIFY kills the only known source of uninitialized data
> warnings in the OpenSSL project that has been reported todate.
There's another little one in RAND_load_file. If the function is
given a non-NULL file that doesn't exist, it still does
/* If the state fails, put some crap in anyway */
RAND_add(&sb,sizeof(sb),0.0);
for the (uninitialised) struct stat sb. So I suggest an #ifndef
PURIFY around that. (Or, I guess, if PURIFY is defined, initialise
sb.)
[...]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
