[openssl.org #1499] Uninitialized value in RAND_load_file, with -DPURIFY

2007-03-02 Thread Lutz Jaenicke via RT
Guessing on the stack being "non-predictable" does not seem to improve entropy too much to me. I have therefore modified the code to no longer use "uninitialized" memory in any case. Not relying on -DPURIFY will also make valgrind users happy :-)

Best regards,
Lutz
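An added example, not OpenSSL's code and not the change made for this ticket: one way to load a seed file so that a `struct stat` is mixed in only after `stat()` succeeds and only with fully defined bytes. `pool_add`, `pool_state`, `pool_calls` and `load_seed_file` are hypothetical names, and the pool is a toy stand-in for `RAND_add`.

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

/* Hypothetical stand-in for an entropy pool; not OpenSSL's RAND_add(). */
static unsigned long pool_state = 5381;
static int pool_calls = 0;

static void pool_add(const void *buf, size_t len)
{
    const unsigned char *p = buf;
    size_t i;
    for (i = 0; i < len; i++)
        pool_state = pool_state * 33 + p[i];   /* toy mixing, not cryptographic */
    pool_calls++;
}

/* Returns bytes read from the file, 0 if it cannot be stat'ed or opened. */
static long load_seed_file(const char *file, long max_bytes)
{
    struct stat sb;
    unsigned char buf[1024];
    FILE *in;
    long total = 0;

    if (file == NULL)
        return 0;
    /* Clear padding and unused fields so every byte mixed in is defined. */
    memset(&sb, 0, sizeof(sb));
    /* Check stat() before touching sb: on failure nothing is mixed in. */
    if (stat(file, &sb) < 0)
        return 0;
    pool_add(&sb, sizeof(sb));

    if ((in = fopen(file, "rb")) == NULL)
        return 0;
    while (total < max_bytes) {
        size_t want = sizeof(buf);
        size_t got;
        if ((long)want > max_bytes - total)
            want = (size_t)(max_bytes - total);
        got = fread(buf, 1, want, in);
        if (got == 0)
            break;
        pool_add(buf, got);   /* only the bytes actually read */
        total += (long)got;
    }
    fclose(in);
    return total;
}
```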

[openssl.org #1499] Uninitialized value in RAND_load_file, with -DPURIFY

2007-03-02 Thread Bruce Stephens via RT
If RAND_load_file is called with a non-NULL file which does not exist, then it still does:

    i=stat(file,&sb);
    /* If the state fails, put some crap in anyway */
    RAND_add(&sb,sizeof(sb),0.0);
    if (i < 0) return(0);

And sb may well be uninitialized. Obviously that's of