From 8651fd5ff025be46cca91efe623b138186b69326 Mon Sep 17 00:00:00 2001
From: deraadt <>
Date: Sun, 1 Jun 2014 15:10:53 +0000
Subject: Commit this before the head-scratching leads to premature baldness:  
   memset(a->data, 0, (unsigned int)a->max); but the decl is:     size_t max;
 size_t could be larger than int, especially in some of the systems OpenSSL
 purports to support.

How do _intentionally truncating_ casts like enter into a codebase?
Lack of understanding of C, at a minimum.  Generally the objects are
small, but this code is _intentionally unready_ for large objects.
ok miod
---
 src/lib/libcrypto/buffer/buffer.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/lib/libcrypto/buffer/buffer.c')

diff --git a/src/lib/libcrypto/buffer/buffer.c b/src/lib/libcrypto/buffer/buffer.c
index 486d6fef14..71784693be 100644
--- a/src/lib/libcrypto/buffer/buffer.c
+++ b/src/lib/libcrypto/buffer/buffer.c
@@ -88,7 +88,7 @@ BUF_MEM_free(BUF_MEM *a)
 		return;
 
 	if (a->data != NULL) {
-		memset(a->data, 0, (unsigned int)a->max);
+		memset(a->data, 0, a->max);
 		free(a->data);
 	}
 	free(a);
-- 
cgit v1.2.3-55-g6feb