From a918d16c5c56917eca54272018ae30883ed218ec Mon Sep 17 00:00:00 2001 From: Theo de Raadt Date: Sun, 1 Jun 2014 15:10:54 +0000 Subject: Commit this before the head-scratching leads to premature baldness: memset(a->data, 0, (unsigned int)a->max); but the decl is: size_t max; size_t could be larger than int, especially in some of the systems OpenSSL purports to support. How do _intentionally truncating_ casts like enter into a codebase? Lack of understanding of C, at a minimum. Generally the objects are small, but this code is _intentionally unready_ for large objects. ok miod --- lib/libcrypto/buffer/buffer.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/libcrypto') diff --git a/lib/libcrypto/buffer/buffer.c b/lib/libcrypto/buffer/buffer.c index 486d6fef141..71784693be3 100644 --- a/lib/libcrypto/buffer/buffer.c +++ b/lib/libcrypto/buffer/buffer.c @@ -88,7 +88,7 @@ BUF_MEM_free(BUF_MEM *a) return; if (a->data != NULL) { - memset(a->data, 0, (unsigned int)a->max); + memset(a->data, 0, a->max); free(a->data); } free(a); -- cgit v1.2.3