libcrypt/md5.c: a few statics can be auto variables; strlen("const") is silly
will.newton at gmail.com
Wed Jun 11 15:32:35 UTC 2008
On Wed, Jun 11, 2008 at 4:22 PM, Denys Vlasenko
<vda.linux at googlemail.com> wrote:
> On Wednesday 11 June 2008 11:37, Will Newton wrote:
>> On Tue, Jun 10, 2008 at 9:49 PM, Denys Vlasenko
>> > It makes sp, ep and p variables automatic.
>> > There is no point in having them static,
>> > they never use their values retained from previous call.
>> > These are code lines where they are assigned to:
>> This looks like it should be safe. Although it might be worth finding
>> the original author and asking why it is done this way, following the
>> Debian openssl incident. ;-)
> openssl incident? Did I miss some fun? :)
This is a fairly good summary:
The general lesson being: be very careful when modifying crypto code.
Although I think the changes you proposed are safe.
btw I tested the strlen change and this code:
static const unsigned char __md5__magic = "$1$";
compiles to this:
Disassembly of section .text:
0: 55 push %ebp
1: 89 e5 mov %esp,%ebp
3: b8 03 00 00 00 mov $0x3,%eax
8: 5d pop %ebp
9: c3 ret
More information about the uClibc