On Fri, Jul 18, 2008 at 6:00 PM, Geoff Thorpe <[EMAIL PROTECTED]> wrote: > On Friday 18 July 2008 10:57:50 Bodo Moeller wrote: >> On Thu, Jul 17, 2008 at 7:07 PM, Frederic Heem <[EMAIL PROTECTED]> wrote:
>> > Please find attached a patch which makes valgrind and friends happy. Some >> > changes had been done in md_rand.c which broke the purpose of PURIFY. >> > Needless to say that the define PURIFY is *not* for production system... >> Defining PURIFY should never make the PRNG weak. If Valgrind finds >> data that is used uninitialized, then a "PURIFY" patch should only >> ensure that those exact bytes of data are initialized with some data. >> Never overwrite a byte that actually may have been initialized. > Agreed, though where possible it's preferable for PURIFY-handling to simply > not use the uninitialised data at all, rather than initialising it before > use. Absolutely true! Thanks for adding this aspect to the picture. Bodo ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
