[openssl-dev] [openssl-commits] [openssl] master update
Salz, Rich
rsalz at akamai.com
Fri Aug 28 15:34:55 UTC 2015
TL;DR -- Don't read the diff, look at the revised code.
> The comment and code here are a slight mismatch, since qsize is dynamically
> computed (but limited to three values, the largest of which is used to size the
> local variable). It's not clear that using SHA256_DIGEST_LENGTH for the
> check would actually be better, though.
If you can think of a more-c lear comment, let me know. But checking against qsize is the right thing to do.
> >+ int seed_is_random = seed_in == NULL;
>
> This part seems really bogus; seed_is_random is an int, but seed_in is const
> unsigned char *; the assignment makes no sense.
No, it's like "seed_in == NULL ? 1 : 0"
> I guess the intent is to declare the variable in the outer loop?
Nope.
> and seed_in is never read after this point.
It was set up before the loop.
> The grammar here is slightly unusual; "for lengths of at least 2048 bits"
> or "for lengths 2048 bits and larger" would feel more natural to me.
Open a ticket :)
More information about the openssl-dev
mailing list