Nope, no reversing there. However, what we're cleansing is the pointer itself, which is basically ridiculous and a mistake, as the memset() that was there before (and didn't generate an exception!) was really there to NULLify the ex_data pointers.
I just committed a change back to using memset(). [[EMAIL PROTECTED] - Mon Dec 9 08:59:25 2002]: > I'm tracking down the cause of an exception that did not occur with > Kermit 95 with previous > 0.9.7 builds. In the process I noticed that in > > X509_STORE_CTX_cleanup > > the buffer ctx->ex_data is freed with > > CRYPTO_free_ex_data > > prior to it being cleansed with > > OPENSSL_cleanse > > I'm pretty sure these two calls need to be reversed. > > - Jeff > > -- Richard Levitte ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
