New submission from Kristján Valur Jónsson <[EMAIL PROTECTED]>: The CryptGenRandomBytes uses whatever data is already in the buffer as seed for the output. So, the buffer is effectively an in/out buffer. Now, since we are generating random data anyway, the fact that we are using an undefined seed for the data shouldn't matter. However, this does create a bunch of false positives for analysis tools such as Purify, that track the copying and usage of uninitialized data. An easy patch is to clear the buffer before submitting it to CryptGenRandomBytes, and is attached.
---------- components: Interpreter Core files: tmp6.patch keywords: easy, patch, patch messages: 69853 nosy: krisvale severity: normal status: open title: undefined array passed to CryptGenRandomBytes versions: Python 2.5, Python 2.6, Python 3.0 Added file: http://bugs.python.org/file10919/tmp6.patch _______________________________________ Python tracker <[EMAIL PROTECTED]> <http://bugs.python.org/issue3387> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
