openssl-1.0.0e: resolve conflicts

1 files changed, 7 insertions, 4 deletions

diff --git a/src/lib/libcrypto/rand/md_rand.c b/src/lib/libcrypto/rand/md_rand.c
index 88088ce73c..b2f04ff13e 100644
--- a/src/lib/libcrypto/rand/md_rand.c
+++ b/src/lib/libcrypto/rand/md_rand.c
@@ -476,11 +476,14 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
                 MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
 
 #ifndef PURIFY /* purify complains */
-                /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */
+                /* The following line uses the supplied buffer as a small
+                 * source of entropy: since this buffer is often uninitialised
+                 * it may cause programs such as purify or valgrind to
+                 * complain. So for those builds it is not used: the removal
+                 * of such a small source of entropy has negligible impact on
+                 * security.
+                 */
                 MD_Update(&m,buf,j);
-                /* We know that line may cause programs such as
-                   purify and valgrind to complain about use of
-                   uninitialized data.  */
 #endif
 
                 k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;