Re: [Ccrtp-devel] CryptoContext: uninitialized value

[Werner Dittmann]

Am 30.04.2012 20:50, schrieb Tristan Matthews:
> ----- Original Message -----
>> From: "Werner Dittmann" <address@hidden>
>> To: address@hidden
>> Sent: Monday, April 30, 2012 3:11:37 AM
>> Subject: Re: [Ccrtp-devel] CryptoContext: uninitialized value
>>
>> Initialization to NULL is correct. In case of non-authentication mode
>> this could
>> lead to problems if macCtx contains some random value and delete uses
>> this value
>> to free the macCtx.
> 
> In that case, could the attached patch be applied?
> 
> Best,
> Tristan
> 

In parts it's already included, only the "empty" constructor is missing, will be
added soon.

Thanks,
Werner

>>
>> This problem did not show up because SRTP usually uses an
>> authentication mode and
>> macCtx was initialized eventually. Note: SRTP shall always use an
>> authentication.
>>
>> Regards,
>> Werner
>>
>> Am 30.04.2012 03:45, schrieb Tristan Matthews:
>>> [Apologies for cross-posting...accidentally mailed this to
>>> bug-commoncpp]
>>>
>>> I was just wondering if macCtx in CryptoCtx is deliberately _not_
>>> initialized in either of CryptoContext's constructors.
>>> I ask because this value is used in an if-statement in the
>>> destructor for CryptoContext (see CryptoContext.cpp:180).
>>> Note that the body of the if-statement checks against initialized
>>> values before doing any work, so the current code is harmless.
>>>
>>> Best,
>>> Tristan
>>>
>>
>>
>> _______________________________________________
>> Ccrtp-devel mailing list
>> address@hidden
>> https://lists.gnu.org/mailman/listinfo/ccrtp-devel
>>