On Sun, 1 Jun 2014, Brent Cook wrote:
> clang warning:
> pem/pem_lib.c:472:6: error: variable 'i' is used uninitialized whenever
> 'if' condition is false [-Werror,-Wsometimes-uninitialized]
> if (o)
> ^
> pem/pem_lib.c:479:7: note: uninitialized use occurs here
> j += i
On May 31, 2014, at 6:08 PM, Brendan MacDonell wrote:
> On Sat, May 31, 2014 at 8:02 PM, Brent Cook wrote:
> I totally agree in the general case. BIO is a big pain, and it does seem
> crazy to use it for stdio.
>
> However, in this specific case, this file already calls BIO_printf, BIO_puts
>
So, in r1.40 the comment was corrected to reflect that this was fixed in
3.7, but the actual check still only checked up to 3.5.
http://www.openbsd.org/cgi-bin/cvsweb/src/gnu/usr.bin/perl/hints/openbsd.sh.diff?r1=1.39;r2=1.40;f=h
And then r1.1.1.8 was created with the correct version in the check
On Sat, May 31, 2014 at 8:02 PM, Brent Cook wrote:
> I totally agree in the general case. BIO is a big pain, and it does seem
> crazy to use it for stdio.
>
> However, in this specific case, this file already calls BIO_printf,
> BIO_puts and BIO_write to stdout and stderr, in an unchecked manner,
This local patch should longer be needed with the removal of m68k.
OK?
Index: hints/openbsd.sh
===
RCS file: /cvs/src/gnu/usr.bin/perl/hints/openbsd.sh,v
retrieving revision 1.49
diff -u -p -u -r1.49 openbsd.sh
--- hints/openbsd.sh
I totally agree in the general case. BIO is a big pain, and it does seem crazy
to use it for stdio.
However, in this specific case, this file already calls BIO_printf, BIO_puts
and BIO_write to stdout and stderr, in an unchecked manner, several hundred
times. I’m not sure if checking write() ac
You should change this so it doesnt check for null before the free. free
handles NULL.
On 31 May 2014 16:39, "Brent Cook" wrote:
> ---
> ecdh/ecdhtest.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/ecdh/ecdhtest.c b/ecdh/ecdhtest.c
> index 620424d..ee220dc 100644
Your change is wrong.
There have been lots of discussion about trying to use intrinsics as
much as possible. Even though this is the openssl command, I think
the consideration is also valid here.
You've just run into the reason for using intrinsics as much as
possible. BIO_write is different fr
Since the random number generator no longer allows being seeded, remove
support for parsing the unused -rand option and the unused random buffer
variables. Better to fail than to be surprised when the RNG seed does not
function as expected.
This fixes compiler warnings about unused random seed var
---
ecdh/ecdhtest.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ecdh/ecdhtest.c b/ecdh/ecdhtest.c
index 620424d..ee220dc 100644
--- a/ecdh/ecdhtest.c
+++ b/ecdh/ecdhtest.c
@@ -358,7 +358,7 @@ static int ecdh_kat(BIO *out, const char *cname, int nid,
Ztmplen = (E
include string.h for memcmp
remove unused variables
---
aeswrap/aes_wrap.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/aeswrap/aes_wrap.c b/aeswrap/aes_wrap.c
index b5157d7..c3079e3 100644
--- a/aeswrap/aes_wrap.c
+++ b/aeswrap/aes_wrap.c
@@ -10,7 +10,7 @@
* are met
Avoid having to use -I trickery to find public header files included as
though they are private.
---
src/crypto/bn/bn_const.c | 2 +-
src/crypto/chacha/chacha.c | 2 +-
src/crypto/o_init.c| 2 +-
src/crypto/poly1305/poly1305.c | 2 +-
src/crypto/ts/ts_lib.c | 2 +-
sr
This is a series of fixes to issues found while building libcrypto regression
tests with -Werror and LIBRESSL_INTERNAL.
Do these look OK?
- Brent
with pqueue moving to a private interface, the typedef can occur twice
../include/openssl/dtls1.h:147:25: error: redefinition of typedef 'pqueue' is a
C11 feature [-Werror,-Wtypedef-redefinition]
typedef struct _pqueue *pqueue;
^
../include/pqueue.h:63:25: note: previous d
Neither of these is used anywhere within their object files.
---
src/crypto/ec/ec_lib.c | 3 ---
src/crypto/engine/eng_dyn.c | 3 ---
2 files changed, 6 deletions(-)
diff --git a/src/crypto/ec/ec_lib.c b/src/crypto/ec/ec_lib.c
index 3313573..b8e0e98 100644
--- a/src/crypto/ec/ec_lib.c
+++ b/
ASN1_STRING_data returns an unsigned char *, but strlcat's second
parameter is a const char *
---
src/crypto/ts/ts_rsp_verify.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/crypto/ts/ts_rsp_verify.c b/src/crypto/ts/ts_rsp_verify.c
index 2a4c0c5..49754b5 100644
--- a/src/
clang warning:
pem/pem_lib.c:472:6: error: variable 'i' is used uninitialized whenever 'if'
condition is false
[-Werror,-Wsometimes-uninitialized]
if (o)
^
pem/pem_lib.c:479:7: note: uninitialized use occurs here
j += i;
^
pem/pem_lib.c:472:2: note: r
write() warns if its return value is unchecked. Replace with a BIO_write
like all of the surrounding code uses anyway.
---
src/apps/s_server.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/apps/s_server.c b/src/apps/s_server.c
index 51f6b47..fb28489 100644
--- a/src/apps/
This patch set fixes a series of issues flagged by recent versions of clang and
gcc.
Do these look OK?
- Brent
On Sat, May 31, 2014 at 10:22 AM, Andrew Fresh wrote:
> Turns out in 2008 the regex that aliases ISO-646 to ascii was changed
> so that it also matches plain 646, so we no longer need a patch to do
> that.
>
Makes sense. ok guenther@
> The secondary quotes on the definition ('"ascii"') are
On 31/05/2014, Philip Guenther wrote:
> opendir/readdir don't look at the st_size member, so I don't think any of
> those will help. You haven't found the real problem yet.
Yes, I missed this in getdents docs:
"nbytes must be greater than or equal to the block size associated
with the file".
Wi
Some historical anecdotes:
T.61 was proposed in 93. Utf8 later the same year. utf8 was
recommended from 94. 2004 OpenSSL caught up with the recommendation,
and decided to go against it to be compatible with Netscape Navigator.
Which at that time had a massive 2% of the market. 2005 The behaviou
Done. Thanks for the giggle. I needed it today.
-Bob
On Sat, May 31, 2014 at 07:20:56PM +0200, D. Spindel wrote:
> a short plea from someone who just had to dig through OpenSSL code and
> figuring out why I was getting T.61 strings instead of UTF8Strings.
>
> Would you _please_ and kindly cha
On Sun, 1 Jun 2014 00:57:43 +1000
Joel Sing wrote:
> In this case I think readability wins. I do not believe that there is a lot
> to
> gain from overflow protection given the numbers used in these calculations
> are very small (and many are already bounds checked in some form or other).
Well,
Hi,
I finally bought a TL W723N and try.
usbdevs gives:
port 2 addr 3: high speed, power 500 mA, config 1, 802.11n NIC(0x8179),
Realtek(0x0bda), rev 0.00, iSerialNumber 00E04C0001
0x8179 is not present in kernel source (usbdevs.h) (for realteak there is
0x8178 and 0x817a and around but not this
Turns out in 2008 the regex that aliases ISO-646 to ascii was changed
so that it also matches plain 646, so we no longer need a patch to do
that.
https://github.com/dankogai/p5-encode/commit/aa1fdef85add72114ed7badf85e523cfdc9d6275
They adjusted the regex like this, making the leading ISO optiona
a short plea from someone who just had to dig through OpenSSL code and
figuring out why I was getting T.61 strings instead of UTF8Strings.
Would you _please_ and kindly change the default of global_mask in
crypto/asn1/a_strnid.c from 0xL to B_ASN1_UTF8STRING
OpenSSL upstream has had the
On Sat, 31 May 2014, Benjamin Baier wrote:
> This one splits up the malloc parameter, taking full potential from calloc,
> hurting readability a bit. which one is preferred? more
> readable/maintainable or using the calloc overflow protection?
In this case I think readability wins. I do not believ
While here also stop casting {m,c}alloc return value.
Index: inetd.c
===
RCS file: /cvs/src/usr.sbin/inetd/inetd.c,v
retrieving revision 1.137
diff -u -p -r1.137 inetd.c
--- inetd.c 23 Nov 2013 17:24:29 - 1.137
+++ inetd.
Any comments?
On Thu, May 08, 2014 at 10:17:15PM +0200, Fritjof Bornebusch wrote:
> Hi tech,
>
> there is no way you can go, after usage() was called, so dont't do it.
>
> fritjof
>
> Index: ci.c
> ===
> RCS file: /cvs/src/usr.bin/
Any feedback?
On Thu, May 15, 2014 at 12:07:56AM +0200, Fritjof Bornebusch wrote:
> Hi tech,
>
> I added some missing ; to the rlog out files, to make sure these tests don't
> fail.
>
>
> fritjof
>
>
> Index: rlog-rflag2.out
> =
This one splits up the malloc parameter, taking full potential from calloc,
hurting readability a bit.
which one is preferred? more readable/maintainable or using the calloc overflow
protection?
Index: bootstrap.c
===
RCS file: /cvs
Index: aicasm.c
===
RCS file: /cvs/src/sys/dev/microcode/aic7xxx/aicasm.c,v
retrieving revision 1.15
diff -u -p -r1.15 aicasm.c
--- aicasm.c5 Dec 2012 23:20:19 - 1.15
+++ aicasm.c31 May 2014 11:01:21 -
@@ -500,12
Fritjof Bornebusch writes:
> Am I wrong?
Nope. Committed, thanks.
> On Thu, May 22, 2014 at 04:30:03PM +0200, Fritjof Bornebusch wrote:
>> Hi tech,
>>
>> does this return makes any sense, because it's a void function and the
>> return is at the end of the function.
>>
>> fritjof
>>
>> Index
On Sat, May 31, 2014 at 17:00, Cameron Stewart wrote:
> - change memset before free to explicit_bzero
> - change ordinary memset's to bzero
Actually, memset is preferred to bzero in the ordinary case.
Another good reason to make separate diffs for separate changes. :)
Am I wrong?
On Thu, May 22, 2014 at 04:30:03PM +0200, Fritjof Bornebusch wrote:
> Hi tech,
>
> does this return makes any sense, because it's a void function and the return
> is at the end of the function.
>
> fritjof
>
> Index: arc4random.c
> ==
Hi tech@
Here are some missing checks for NULL after malloc.
I sent these in a bit ago, but I didn't see them picked up.
Regards
Index: src/apps/apps.c
===
RCS file: /cvs/src/lib/libssl/src/apps/apps.c,v
retrieving revision 1.56
dif
On Fri, May 30, 2014 at 10:42 PM, M Farkas-Dyck wrote:
> Ls seems to stat the directory and allocate a large enough dent
> buffer. I couldn't find what ls calls to do so, but I assume that it's
> a common function and other programs use it too.
opendir() and readdir() are the functions you're l
- change memset before free to explicit_bzero
- change ordinary memset's to bzero
- change if(!data) malloc else realloc to realloc
- explicit_bzero on downsize instead of memset
Possible an advantage (the only?) of the previous allocator was this
memset would have never been optimised out.
S
39 matches
Mail list logo