> Anyway, enough background... here's the problem. The verify code does
> something like this:
> 
> X509_STORE_CTX ctx;
> 
> X509_STORE_CTX_init(&ctx,...);
> 
> This isn't the only place where this construction occurs; digest and
> cipher code and several other areas have this general construction:

This is indeed a serious problem.  Every structure that is needed by
the library should be allocated as dynamic memory.  X509_STORE_CTX
should be declared as something like

  typedef struct _x509_store_ctx * X509_STORE_CTX;

so that 

  X509_STORE_CTX_init(&ctx,...);

will allocate the appropriate memory necessary for the version of the
library.  The first element of struct _x509_store_ctx should be the 
length of the struct so in case structs are exchanged between versions
some level of compatibility may be maintained.

Then for every function that allocates memory in the library there
needs to be 

  X509_STORE_CTX_free(&ctx, ...);

which frees the memory and NULLs the pointer.




    Jeffrey Altman * Sr.Software Designer * Kermit-95 for Win32 and OS/2
                 The Kermit Project * Columbia University
              612 West 115th St #716 * New York, NY * 10025
  http://www.kermit-project.org/k95.html * [EMAIL PROTECTED]


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
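
The opaque-handle scheme proposed in the reply above, as an added example that is not part of the original message and is not OpenSSL code. The DEMO_STORE_CTX names and the depth field are hypothetical; the length check in the accessor is one assumed way to use the leading length member.

```c
#include <stdlib.h>

/* Public header: callers see only an opaque pointer (hypothetical names). */
typedef struct demo_store_ctx_st *DEMO_STORE_CTX;

/* Library-private layout; a later version may append members. */
struct demo_store_ctx_st {
    size_t length;   /* first member: struct size in the allocating version */
    int depth;
};

/* Allocate at the size this library version needs; returns 1 on success. */
int DEMO_STORE_CTX_init(DEMO_STORE_CTX *pctx, int depth)
{
    if (pctx == NULL || (*pctx = calloc(1, sizeof(**pctx))) == NULL)
        return 0;
    (*pctx)->length = sizeof(**pctx);
    (*pctx)->depth = depth;
    return 1;
}

/* Refuse a struct allocated by a version with a shorter layout. */
int DEMO_STORE_CTX_get_depth(DEMO_STORE_CTX ctx, int *out)
{
    if (ctx == NULL || out == NULL || ctx->length < sizeof(*ctx))
        return 0;
    *out = ctx->depth;
    return 1;
}

/* Free and NULL the caller's pointer, so a repeated free is a no-op. */
void DEMO_STORE_CTX_free(DEMO_STORE_CTX *pctx)
{
    if (pctx == NULL || *pctx == NULL)
        return;
    free(*pctx);
    *pctx = NULL;
}

int main(void)
{
    DEMO_STORE_CTX ctx = NULL;
    int depth = 0, ok;
    ok = DEMO_STORE_CTX_init(&ctx, 9) && DEMO_STORE_CTX_get_depth(ctx, &depth);
    DEMO_STORE_CTX_free(&ctx);
    DEMO_STORE_CTX_free(&ctx);   /* safe: ctx is already NULL */
    return (ok && depth == 9 && ctx == NULL) ? 0 : 1;
}
```

Because the caller never declares the struct itself, its stack frame no longer depends on the struct size of the library version it was compiled against.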
