Thorsten Glaser wrote:

> What happens here is that it thinks the pointer to newkeys->enc
> is a pointer to the first element (name) inside newkeys->enc,
> which is incorrect

Yes, so no overflow bug. Too bad it confuses the struct with the first member inside.

> But looking at this… newkeys->enc is an inlined struct sshenc
> inside struct newkeys, so why not just bzero the entire newkeys
> at once near the end instead of doing it piecemeal as if it were
> a pointer?

Maybe to leak as little information as possible in case of error along the way.

//Peter

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
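A simplified illustration of the two points in the exchange above (the inlined struct sharing an address with its first member, and piecemeal versus whole-object wiping), added here and not part of the thread or of OpenSSH's code. The struct definitions are stand-ins that keep only the property discussed: `struct sshenc` is inlined in `struct newkeys` and `name` is its first member; real code would use `explicit_bzero` rather than `memset` so the wipe cannot be optimised away.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Stand-in layouts (assumption, not OpenSSH's real definitions). */
struct sshenc {
    char *name;              /* first member: same address as the struct */
    unsigned char key[32];   /* secret material that must be wiped */
    unsigned char iv[16];
};

struct newkeys {
    struct sshenc enc;       /* inlined, not a pointer */
    unsigned char mac_key[32];
};

/* Why a checker can mistake &nk->enc for &nk->enc.name: same address. */
int enc_and_name_share_address(void) {
    struct newkeys nk;
    return (void *)&nk.enc == (void *)&nk.enc.name;
}

/* Piecemeal wiping, as discussed: each member goes as soon as it is done
 * with.  The size must be that of the inlined struct, not of its first
 * member, otherwise only the pointer is cleared and the key survives. */
void clear_piecemeal(struct newkeys *nk) {
    memset(&nk->enc, 0, sizeof(nk->enc));
    memset(nk->mac_key, 0, sizeof(nk->mac_key));
}

/* The alternative raised in the thread: wipe the whole object at once. */
void clear_whole(struct newkeys *nk) {
    memset(nk, 0, sizeof(*nk));
}

/* Returns 1 if every byte of the object is zero, i.e. no secret remains. */
int all_zero(const struct newkeys *nk) {
    const unsigned char *p = (const unsigned char *)nk;
    for (size_t i = 0; i < sizeof(*nk); i++)
        if (p[i] != 0) return 0;
    return 1;
}

/* Fill the object with a marker byte, apply a wipe strategy, check it. */
int cleared_by(void (*clear)(struct newkeys *)) {
    struct newkeys nk;
    memset(&nk, 0xAA, sizeof(nk));
    clear(&nk);
    return all_zero(&nk);
}

/* The mistake the warning hints at: sizing the wipe by the first member. */
int key_survives_wrong_size(void) {
    struct newkeys nk;
    memset(&nk, 0xAA, sizeof(nk));
    memset(&nk.enc, 0, sizeof(nk.enc.name)); /* pointer-sized wipe only */
    return nk.enc.key[0] == 0xAA;            /* 1: key material still there */
}
```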