[xmlsec] Bug in bn.c ?
xs04.jmdesp at free.fr
xs04.jmdesp at free.fr
Mon Jun 21 11:05:30 PDT 2004
I apparently found a bug in bn.c, but I'm very surprised it would not have come
out earlier.
At line 300, the code :
/* we might have '0' at the beggining, remove it */
for(len = i; (len > 0) && (res[len - 1] == '0'); len--);
res[len] = '\0';
apparently will result in an empty content if the string is all zero.
In my test, this corrects it, and leaves at least one zero :
for(len = i; (len > 1) && (res[len - 1] == '0'); len--);
res[len] = '\0';
More information about the xmlsec
mailing list