In message <20181229.170846.804158981742723988.levitte@xxxxxxxxxxx> on Sat, 29 Dec 2018 17:08:46 +0100 (CET), Richard Levitte <levitte@xxxxxxxxxxx> said:
> In message <38b97114-0c66-40ed-f631-58aa20940a3a@xxxxxx> on Sat, 29 Dec 2018 14:19:47 +0100, "C.Wehrmeyer" <c.wehrmeyer@xxxxxx> said:
>
...
> > What's wrong with that, you ask? Let me show you how I'd have done
> > that:
> >
> > > static const unsigned char ssl3_pad_1[] =
> > > {
> > > "66666666"
> > > "66666666"
> > > "66666666"
> > > "66666666"
> > > "66666666"
> > > "66666666"
> > > };
> > >
> > > static const unsigned char*ssl3_pad_2[] =
> > > {
> > > "\\\\\\\\\\\\\\\\"
> > > "\\\\\\\\\\\\\\\\"
> > > "\\\\\\\\\\\\\\\\"
> > > "\\\\\\\\\\\\\\\\"
> > > "\\\\\\\\\\\\\\\\"
> > > "\\\\\\\\\\\\\\\\"
> > > };
> >
> > So, no. I don't trust anyone. Especially not this mess of a code.
>
> You do know that your string insert NUL bytes, right? If you have a
> look at how they're used, you might see why those stray NUL bytes
> aren't a good thing.
Never mind this remark... For some reason, my brain added commas
after each partial string. Meh...
--
Richard Levitte levitte@xxxxxxxxxxx
OpenSSL Project http://www.openssl.org/~levitte/
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
