OpenSAML user discussion

this is either a bug or a usage misunderstanding on my part :)

my high-level goal is to simply create a single assertion with two 
statements, an auth statement and an attribute statement.

as a starting point and usage model i used the sample code provided in 
signtest.cpp

the only change that is mine is the addition of the attribStatement.get() to 
the first line shown below, the rest is existing sample/source code:
   
SAMLStatement* statements[] = { statement.get(), attribStatement.get() };


auto_ptr<SAMLAssertion> assertion(new SAMLAssertion(issuer, &lower, &upper, 
condition.get() ? ArrayIterator<SAMLCondition*>(conditions) : 
Iterator<SAMLCondition*>(), ArrayIterator<SAMLStatement*>(statements)));

template<class T> ArrayIterator<T>::ArrayIterator(T v[]) : 
Iterator<T>(m_real_vector)
    {
        for (size_t i=0; v && i<(sizeof(v)/sizeof(T)); i++)
            m_real_vector.push_back(v[i]);
        m_iter=m_vector.begin();
    }

the issue is that sizeof(v) evaluates to the size of the pointer not to the 
number of elements in the array.  is this misuse on my part or indeed a bug?  
(i've looked through the rest of the source code and never see an array size 
larger than one being passed to this constructor)

lastly, am i heading down the right path in the first place towards my goal?  
i.e., is feeding two statements to the SAMLAssertion constructor a 
proper/intended mechanism? (is there a good example in either the OpenSAML or 
Shib code that shows the correct way to get an attribute statement into an 
assertion?)

thanks,
David C.