Use OPENSSL_secure_clear_free for secure mem BIOs and X25519 private keys

Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4044)
author: Bernd Edlinger <bernd.edlinger@hotmail.de> 2017-07-28 21:59:07 +0200
committer: Bernd Edlinger <bernd.edlinger@hotmail.de> 2017-07-29 19:26:06 +0200
commit: 5d8f1b13890df51bce97b1a4c2a31f5228bb4744 (patch)
tree: 8eaeb93701443224f26cd20412221d54a183a19b /crypto/buffer
parent: 4dae7cd3f0f074e01b2fe73ffff0dfbf032fa566 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c
index ad7128a732..f3f8a1b55c 100644
--- a/crypto/buffer/buffer.c
+++ b/crypto/buffer/buffer.c
@@ -47,7 +47,7 @@ void BUF_MEM_free(BUF_MEM *a)
 
     if (a->data != NULL) {
         if (a->flags & BUF_MEM_FLAG_SECURE)
-            OPENSSL_secure_free(a->data);
+            OPENSSL_secure_clear_free(a->data, a->max);
         else
             OPENSSL_clear_free(a->data, a->max);
     }
@@ -64,7 +64,7 @@ static char *sec_alloc_realloc(BUF_MEM *str, size_t len)
     if (str->data != NULL) {
         if (ret != NULL) {
             memcpy(ret, str->data, str->length);
-            OPENSSL_secure_free(str->data);
+            OPENSSL_secure_clear_free(str->data, str->length);
             str->data = NULL;
         }
     }
author	Bernd Edlinger <bernd.edlinger@hotmail.de>	2017-07-28 21:59:07 +0200
committer	Bernd Edlinger <bernd.edlinger@hotmail.de>	2017-07-29 19:26:06 +0200
commit	5d8f1b13890df51bce97b1a4c2a31f5228bb4744 (patch)
tree	8eaeb93701443224f26cd20412221d54a183a19b /crypto/buffer
parent	4dae7cd3f0f074e01b2fe73ffff0dfbf032fa566 (diff)