--bi5JUZtvcfApsciF
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

So this is from 0.9.8g's pem.h:

#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,( char **)x,cb,u)

And so is this:

void * PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **=
x,
pem_password_cb *cb, void *u);

Anyone notice a problem here?

That first argument to PEM_ASN1_read will never, ever be the right type.

char * !=3D void *

So, it would appear 0.9.8g has a bug left, but it only bites you if you
call PEM_read_SSL_SESSION.

I'm wondering what the "right" fix is... change void to char, or
vice-versa?
--=20

The stream is deaf, yet sings its melody for all to hear.
For a good time on my email blacklist, email john@subspacefield.org.

--bi5JUZtvcfApsciF
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (OpenBSD)

iQIVAwUBR46UOGQVZZEDJt9HAQLJqw//RseT0h/ERT6g6TGxjMaV0rqNjRXh/EX8
VK7mKCXxMvnp0h0sE8uHIEqxVw4JRGFvS6VYGiYjcWSS/46bm66MS5egbw2f6MON
MHT46VPO0ydNOOr405aNIX6xq93YGnswEFlPgVCyEMWVP73268 qjcN60sfCMG3ON
C/3kw+xe+6ZacGTtECYNL2pM3v6vwTm8G7n5hXVFj1Iwl3EPErC+ AcC3veFCkFSj
NImYcWFelEL1Lo4c5o/MWmCoRRH4OAz69/7+qpNhvARoV5BGBKwp3Fqv0zIVWhg+
EKAm9SncotEkaxPlMNNxpPHyjSMKQRbFZT+XNCEHdhbCOsQLCj hBUZLlD3mgd6g/
NhwKX7FaUDaBJ/OmUomuF3WgB/J/dCJ4kB/odnU5pmmWU2ztmdXsSRYfifqmnq6q
Aos53ylCtmbpHKIYbSCpE7BVxMv5y9sfA7w3sIpJ0Mclay8MAI tSBTkD6ENmkR0L
Z7Uvwv1XM2FPB9gUhosJBk/pmf9RspcwwD5XxHVeVD6cFrbiz+QyVT7ofCACNxTO
uR6uHdTKqRPGci3T2eb0revfdSs/q98RbcPaUa03XZBMOVSMQsY+C/ApeDZBBw85
lgzyDRSAMzWc0YoLioXPMwB24rpUA93QL79gyXkPiqFcpQDVuC Ea7iQ43UikfNfq
BIq6ltSwuRs=
=ZdoG
-----END PGP SIGNATURE-----

--bi5JUZtvcfApsciF--
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org