projects
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
c8bbd98
)
clarify comment
author
Dr. Stephen Henson
<steve@openssl.org>
Wed, 16 Jun 2010 13:15:31 +0000
(13:15 +0000)
committer
Dr. Stephen Henson
<steve@openssl.org>
Wed, 16 Jun 2010 13:15:31 +0000
(13:15 +0000)
crypto/rand/md_rand.c
patch
|
blob
|
history
diff --git
a/crypto/rand/md_rand.c
b/crypto/rand/md_rand.c
index 4e581f3917318c982de9f34b6f2f34d99fdedcbf..943c936483bb2d087215964ff19f10a65e3df09a 100644
(file)
--- a/
crypto/rand/md_rand.c
+++ b/
crypto/rand/md_rand.c
@@
-492,12
+492,15
@@
static int ssleay_rand_bytes(unsigned char *buf, int num)
goto err;
#ifndef PURIFY /* purify complains */
goto err;
#ifndef PURIFY /* purify complains */
- /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
+ /* The following line uses the supplied buffer as a small
+ * source of entropy: since this buffer is often uninitialised
+ * it may cause programs such as purify or valgrind to
+ * complain. So for those builds it is not used: the removal
+ * of such a small source of entropy has negligible impact on
+ * security.
+ */
if (!MD_Update(&m,buf,j))
goto err;
if (!MD_Update(&m,buf,j))
goto err;
- /* We know that line may cause programs such as
- purify and valgrind to complain about use of
- uninitialized data. */
#endif
k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
#endif
k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;