Hi,

On Tue, Jun 07, 2016 at 06:04:54PM +0500, ???????? ?????????????? wrote:
> as I see, there's a call to format_hex_ex with separator=NULL here:

Interesting find.

This code is funny - format_hex_ex() is called from various places with
separator=NULL, and has been that way since at least 2005... it's part of
the oldest commit we have in git.

Now, that expression

  struct buffer out = alloc_buf_gc (maxoutput ? maxoutput :
                                    ((size * 2) + (size / (space_break_flags & FHE_SPACE_BREAK_MASK)) * (int) strlen (separator) + 2),
                                    gc);

will of course *only* call strlen(separator) if "maxoutput" is 0 (C
short-circuit evaluation of conditionals).

So if all callers respect that and *either* set "maxoutput > 0" *or* pass
"separator != NULL", we're fine.

The line 152 in ssl_openssl.c is passing in "len", which is not 0...

  const char *key = format_hex_ex (ekm, size, len, 0, NULL, &gc);

... so there will not be a strlen() call.

I wouldn't mind an

  ASSERT( maxoutput > 0 || separator != NULL )

call in format_hex_ex(), though.

gert
--
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             g...@greenie.muc.de
fax: +49-89-35655025                        g...@net.informatik.tu-muenchen.de
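The precondition suggested in the mail above, written out as a stand-alone check. This is an added example, not part of the original mail and not OpenVPN's code: hex_out_size() and BREAK_MASK are hypothetical names, and returning -1 instead of asserting is a choice made for this sketch.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the mask used in the quoted expression. */
#define BREAK_MASK 0xFFu

/*
 * Size the hex output buffer the way the quoted expression does, but check
 * the precondition up front: maxoutput > 0 || separator != NULL.
 * Returns the size in bytes, or -1 if the arguments are unusable.
 */
int hex_out_size(int size, int maxoutput, unsigned int break_flags,
                 const char *separator)
{
    if (size < 0 || maxoutput < 0)
        return -1;
    if (!(maxoutput > 0 || separator != NULL))
        return -1;                 /* would have reached strlen(NULL) */
    if (maxoutput > 0)
        return maxoutput;          /* explicit cap: separator is never read */

    /* Assumption of this sketch: a break interval of 0 means no separators,
     * which also keeps the division below away from a zero divisor. */
    unsigned int every = break_flags & BREAK_MASK;
    long long breaks = every ? size / (int) every : 0;
    long long total = 2LL * size + breaks * (long long) strlen(separator) + 2;
    return total > INT_MAX ? -1 : (int) total;
}

int main(void)
{
    /* Constructed inputs; the first mirrors the shape of the call in the
     * mail: nonzero maxoutput, flags 0, separator NULL. */
    printf("%d\n", hex_out_size(32, 64, 0, NULL));
    printf("%d\n", hex_out_size(32, 0, 4, NULL));
    printf("%d\n", hex_out_size(32, 0, 4, ":"));
    printf("%d\n", hex_out_size(32, 0, 0, " "));
    return 0;
}
```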