This memset() in the ubsec ENGINE is a bug. Zeroing out the result array (dcfb57c7) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit dcfb57c7 authored Jun 06, 2003 by

Geoff Thorpe

This memset() in the ubsec ENGINE is a bug. Zeroing out the result array

should not be necessary in any case, but more importantly the result and
input BIGNUMs could be the same, in which case this is clearly a problem.

Submitted by: Jonathan Hersch
Reviewed by: Joe Orton
Approved by: Geoff Thorpe

parent 2ee67f1d

Hide whitespace changes

Inline Side-by-side

Please register or to comment