> Maybe valgrind should have a rule put in place which resets the > uninitialized data bit in the memory bitmap over the block of data > returned by the low level RAND_xxxx() functions provided by OpenSSL.
Yes, exactly my point. Until someone enhances valgrind, however, something like this might work well: { RAND_bytes1 Memcheck: Value1 /* notused */ RAND_bytes } and repeat that four times with 2, 4, 8, 16 replacing the two 1's. I betcha that catches almost all problems; at least within OpenSSL. /r$ -- STSM Senior Security Architect DataPower SOA Appliances ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]