[EMAIL PROTECTED] via RT wrote: > I believe that I have found a bug in the above file and would like for someone > else to santiy check it. > > At line 290 in a_utctm.c, a separate code block is being used if the library > needs to call gmtime_r() to get the time structure. The value is stored in a > temporary (data) that is declared in this code block. The address of the > temporary is assigned to an "external" variable tm. This can cause some > memory corruption problems. The memory corruption would occur if the compiler > removes the memory allocated to the temporary after the code block is done. The > derefencing of tm a couple of lines later could result in a SIGSEGV because that > memory has been returned. The solution to this problem is to remove the code > block and declare struct tm data at the beginning of > ASN1_UTCTIME_cmp_time_t().
Hmm. Seems to me you are right. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
