Closed Bug 95990 Opened 18 years ago Closed 18 years ago
.c: encrypt/decrypt use c2 and c3 without ever initializing .
Functions rijndael_encryptBlock and rijndael_decryptBlock both declare unsigned int c2, c3; and then proceed to use those without even assigning anything to this variables!
Assigned the bug to Ian.
Assignee: wtc → mcgreer
The two functions in question are not used, as the comment block above them notes. They are generic blocksize Rijndael encrypt/decrypt functions, and at this time only 128-bit blocksizes have been adopted in any standard drafts. The 128-bit blocksize routines are rijndael_encrypt128 and rijndael_decrypt128; they are highly optimized. I think there are possibly other problems with the generic encrypt/decrypt functions. I have intended to clean them up whenever I either have the time, or NSS has the demand for > 128-bit AES. For now, a more stringent comment, and initializing to 0, should do. -Ian
Can we just put the entire body of these unused functions inside of a big #if 0 ifdef? That will eliminate complaints and reduce library size until these functions are vetted.
I did that a long time ago. Because of that, I marking this WONTFIX. See 100770 for the real bug.
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.