This patch for CUPS also seems to work. Would you be interested in taking a look? Yorick Hardy wrote:
That was my experience too. I copied the code into a small program and tried it. No crashes even with the extra & (that doesn't say much though). The code seems correct if the & is removed. I am way out of my depth here, could it be stack related? Maybe I should try malloc/free to see if that makes a difference. Greg Troxel wrote:I tried this patch to the cups package (in work/cups-1.3.9/cups), and got a crash: --- http.c.~1~ 2008-08-01 14:33:16.000000000 -0400 +++ http.c 2009-01-28 09:18:02.000000000 -0500 @@ -1175,7 +1175,7 @@ for (i = 0; i < sizeof(data); i ++) data[i] = rand(); /* Yes, this is a poor source of random data... */- RAND_seed(&data, sizeof(data));+ RAND_seed(data, sizeof(data)); #endif /* HAVE_LIBSSL */ }I would be in favor of #if 0 the whole end of the function, at least for now. I wonder if the real problem is that the cups http code is assuming that it can initialize OpenSSL, when probably other things have used it already.
-- Kind regards, Yorick Hardy
--- cups/http.c.orig 2008-08-01 20:33:16.000000000 +0200
+++ cups/http.c 2009-01-29 10:22:45.000000000 +0200
@@ -1124,7 +1124,7 @@
struct timeval curtime; /* Current time in microseconds */
# endif /* !WIN32 */
int i; /* Looping var */
- unsigned char data[1024]; /* Seed data */
+ unsigned char *data; /* Seed data */
#endif /* HAVE_LIBSSL */
#ifdef WIN32
@@ -1172,10 +1172,17 @@
srand(curtime.tv_sec + curtime.tv_usec);
#endif /* WIN32 */
- for (i = 0; i < sizeof(data); i ++)
- data[i] = rand(); /* Yes, this is a poor source of random data... */
+ data = (unsigned char*) malloc(1024 * sizeof(unsigned char));
- RAND_seed(&data, sizeof(data));
+ if (data != NULL)
+ {
+ for (i = 0; i < 1024; i ++)
+ data[i] = rand(); /* Yes, this is a poor source of random data... */
+
+ RAND_seed(data, sizeof(data));
+
+ free(data);
+ }
#endif /* HAVE_LIBSSL */
}