is it initialized
Yakov Lerner
iler.ml at gmail.com
Thu Sep 13 21:01:04 GMT 2007
Array md4_buf[] is used uninitialized in line 194 lib/genrand.c
for all I can see (function generate_random_buffer()) .
I can see possibility why this can be intentional () (... in order
to increase entropy of the generated output ? ... but this still
looks weird .. no explanatory comment ... )
Is this indeed intentional ?
Thanks
Yakov Lerner
159 void generate_random_buffer( unsigned char *out, int len)
160 {
161 static int urand_fd = -1;
162 unsigned char md4_buf[64];
.... snip ... md4_buf not mentioned here ...
190 p = out;
191 while(len > 0) {
192 int copy_len = len > 16 ? 16 : len;
193
194 smb_arc4_crypt(smb_arc4_state, md4_buf, sizeof(md4_buf));
195 mdfour(tmp_buf, md4_buf, sizeof(md4_buf));
196 memcpy(p, tmp_buf, copy_len);
197 p += copy_len;
198 len -= copy_len;
199 }
200 }
More information about the samba-technical
mailing list