In dsa_gen.c:

    for (i = qsize-1; i >= 0; i--) {
        buf[i]++;
        if (buf[i] != 0)
            break;
    }

i is a size_t, so the expression i >= 0 is always true. If the value of seed is 0xFF...FF, the break will never be triggered either, and it will modify memory after seed.

Test case:

    #include <string.h>
    #include <openssl/dsa.h>

    int main() {
        DSA* dsa = DSA_new();
        unsigned char seed[20] = { 0 };
        /* All-0xFF seed: every byte carries, so the loop never reaches its break */
        memset(seed, 0xFF, 20);
        DSA_generate_parameters_ex(dsa, 1024, seed, sizeof(seed), 0, 0, 0);
    }

Under valgrind (after compiling with -DPURIFY) the error is visible:

    ==27347== 1 errors in context 1 of 1:
    ==27347== Conditional jump or move depends on uninitialised value(s)
    ==27347==    at 0x40C583: dsa_builtin_paramgen (in /home/jack/sources/openssl-SNAP-20070227/dsa_gen)
    ==27347==    by 0x40CBD5: DSA_generate_parameters_ex (in /home/jack/sources/openssl-SNAP-20070227/dsa_gen)
    ==27347==    by 0x401764: main (dsa_gen.c:283)

Adding seed[19] = 0xFE; before the call to DSA_generate_parameters_ex allows the loop to exit before it walks off the end, and no error shows up under valgrind.

-Jack

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
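The index behaviour reported above, as an added example that is not part of the original post or of OpenSSL's code. The function names `posted_loop_checked` and `seed_increment` are hypothetical; the first runs the posted loop with a bounds check so the wrapped index is reported rather than dereferenced, and the second is one size_t-safe way to write the same increment.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* The loop as posted, instrumented: the index is checked before each write,
 * so the first out-of-range index is reported instead of dereferenced.
 * Returns 1 and stores that index in *bad if the loop would leave buf. */
int posted_loop_checked(unsigned char *buf, size_t qsize, size_t *bad)
{
    size_t i;
    /* The original condition `i >= 0` is always true for size_t, so it is
     * written here as an empty condition. */
    for (i = qsize - 1; ; i--) {
        if (i >= qsize) { *bad = i; return 1; }
        buf[i]++;
        if (buf[i] != 0)
            break;
    }
    return 0;
}

/* Corrected big-endian increment: the test happens before the decrement,
 * so the loop stops at index 0 without ever using a wrapped index.
 * Returns 1 on carry out of buf[0] (buffer rolled over to all zero). */
int seed_increment(unsigned char *buf, size_t len)
{
    size_t i;
    for (i = len; i-- > 0; ) {
        buf[i]++;
        if (buf[i] != 0)
            return 0;
    }
    return 1;
}

int main(void)
{
    unsigned char seed[20];   /* constructed input: the all-0xFF seed */
    size_t bad = 0;

    memset(seed, 0xFF, sizeof(seed));
    if (posted_loop_checked(seed, sizeof(seed), &bad))
        printf("posted loop: next write would be at index %zu\n", bad);

    memset(seed, 0xFF, sizeof(seed));
    printf("fixed loop: carry=%d, seed[0]=0x%02X\n",
           seed_increment(seed, sizeof(seed)), seed[0]);
    return 0;
}
```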