On 2/20/06, Tom Lane <[EMAIL PROTECTED]> wrote:
> "Marko Kreen" <[EMAIL PROTECTED]> writes:
> > On 2/18/06, Marko Kreen <[EMAIL PROTECTED]> wrote:
> >> pgcrypto crypt()/md5 and hmac() leak memory when compiled against
> >> OpenSSL as openssl.c digest ->reset will do two DigestInit calls
> >> against a context. This happened to work with OpenSSL 0.9.6
> >> but not with 0.9.7+.
>
> > Ugh, seems I read the old code slightly wrong. The leak happens
> > also with regular digest(), although it will leak only 1 context
> > instance, not the 1000+ as the crypt-md5 does.
>
> I'm confused --- does this mean that the patch you sent recently
> needs further work?
No, it's fine. As I did not 'fix' old code but replaced it.
It's just that I gave wrong answer to the question 'who is affected?'
--
marko
---------------------------(end of broadcast)---------------------------
TIP 4: Have you searched our list archives?
http://archives.postgresql.org
