On 2/20/06, Tom Lane <[EMAIL PROTECTED]> wrote:
> "Marko Kreen" <[EMAIL PROTECTED]> writes:
> > On 2/18/06, Marko Kreen <[EMAIL PROTECTED]> wrote:
> >> pgcrypto crypt()/md5 and hmac() leak memory when compiled against
> >> OpenSSL as openssl.c digest ->reset will do two DigestInit calls
> >> against a context.  This happened to work with OpenSSL 0.9.6
> >> but not with 0.9.7+.
> > Ugh, seems I read the old code slightly wrong.  The leak happens
> > also with regular digest(), although it will leak only 1 context
> > instance, not the 1000+ as the crypt-md5 does.
> I'm confused --- does this mean that the patch you sent recently
> needs further work?

No, it's fine.  As I did not 'fix' old code but replaced it.

It's just that I gave wrong answer to the question 'who is affected?'


---------------------------(end of broadcast)---------------------------
TIP 4: Have you searched our list archives?


Reply via email to