Hi!
In an error case in the openssl/crypto/err/err.c, va_start is not
ended by va_end.
Please see the attached diff for details (against 0.9.6b).
I found this in a recent va_start/va_end audit I did on NetBSD.
Bye,
Thomas
--
Thomas Klausner - [EMAIL PROTECTED]
War is an instrument entirely inefficient toward redressing wrong; and
multiplies, instead of indemnifying losses. -- Thomas Jefferson, author,
architect, and third U.S. president (1743-1826)
Index: err.c
===================================================================
RCS file: /cvsroot/basesrc/crypto/dist/openssl/crypto/err/err.c,v
retrieving revision 1.1.1.3
retrieving revision 1.2
diff -u -r1.1.1.3 -r1.2
--- err.c 2001/04/12 03:08:38 1.1.1.3
+++ err.c 2001/09/24 13:22:27 1.2
@@ -784,6 +784,7 @@
if (p == NULL)
{
OPENSSL_free(str);
+ va_end(args);
return;
}
else
