> I don't see any promises that the data on the stack should be
> NULL terminated, just that the accessors should return NULL
> for out-of-bound access.
>
> Therefore, I think that sk_value() should bounds check the
> index against st->num.
Oh, yes. As I see, this is already fixed that way in 0.9.7g.

Things that led me to the decision that the stack should be NULL terminated were:

1. sk_value() implementation in 0.9.7d
2. sk_insert() in both 0.9.7d and 0.9.7g maintains num_alloc always num+1

The condition to increase the stack is:

st->num_alloc <= st->num+1

so it's natural to think that the extra element is kept for NULL terminating the stack. I think that this was the initial idea of the person writing the code.

It's now a cosmetic/performance problem that in 0.9.7g the last value of the stack is never used.

-- 
Vasil Dimov
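The difference between the two accessor designs discussed in this thread, as an added example that is not part of the original messages and is not OpenSSL source. The `toy_*` names, the initial allocation of 4 slots, and the pop that leaves a stale pointer in the vacated slot are assumptions made for illustration; only the growth condition is taken from the message above.

```c
#include <stdlib.h>

/* Simplified model of the stack discussed in the thread (hypothetical names). */
typedef struct {
    int num;        /* elements in use */
    int num_alloc;  /* slots allocated */
    char **data;
} toy_stack;

toy_stack *toy_new(void) {
    toy_stack *st = malloc(sizeof(*st));
    if (st == NULL) return NULL;
    st->num = 0;
    st->num_alloc = 4;  /* assumed initial size */
    st->data = calloc((size_t)st->num_alloc, sizeof(char *));
    if (st->data == NULL) { free(st); return NULL; }
    return st;
}

/* Append, growing with the condition quoted in the thread. */
int toy_push(toy_stack *st, char *item) {
    if (st->num_alloc <= st->num + 1) {
        char **p = realloc(st->data, sizeof(char *) * (size_t)st->num_alloc * 2);
        if (p == NULL) return 0;
        st->data = p;
        st->num_alloc *= 2;
    }
    st->data[st->num++] = item;
    return st->num;
}

/* Remove the last element; the vacated slot keeps its old pointer (assumption). */
char *toy_pop(toy_stack *st) {
    if (st->num <= 0) return NULL;
    return st->data[--st->num];
}

/* Accessor that relies on data[num] holding a NULL terminator. */
char *toy_value_unchecked(const toy_stack *st, int i) {
    return st->data[i];
}

/* Accessor that bounds checks the index against st->num. */
char *toy_value(const toy_stack *st, int i) {
    if (st == NULL || i < 0 || i >= st->num) return NULL;
    return st->data[i];
}

void toy_free(toy_stack *st) { if (st) { free(st->data); free(st); } }
```

Once any operation leaves a non-NULL value in `data[num]`, only the bounds-checked accessor still returns NULL for an out-of-range index.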
