diff options
author | Matt Caswell <matt@openssl.org> | 2015-04-30 14:04:30 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-06-10 10:09:57 +0100 |
commit | 5d80fab086fe8849222613e20d7cf61839f94f5f (patch) | |
tree | 7b1e769100a70cee5dd63c9bef8a5eda0ec679f0 /crypto/buffer | |
parent | e36c5fc4f547ce62280e5a704d1f94189742ec65 (diff) |
Replace memset with OPENSSL_clear_free()
BUF_MEM_free() attempts to cleanse memory using memset immediately prior
to a free. This is at risk of being optimised away by the compiler, so
replace with a call to OPENSSL_clear_free() instead.
With thanks to the Open Crypto Audit Project for reporting this issue.
Reviewed-by: Stephen Henson <steve@openssl.org>
Diffstat (limited to 'crypto/buffer')
-rw-r--r-- | crypto/buffer/buffer.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c index 37e5484dbd..2beacce6d7 100644 --- a/crypto/buffer/buffer.c +++ b/crypto/buffer/buffer.c @@ -88,8 +88,7 @@ void BUF_MEM_free(BUF_MEM *a) return; if (a->data != NULL) { - memset(a->data, 0, (unsigned int)a->max); - OPENSSL_free(a->data); + OPENSSL_clear_free(a->data, a->max); } OPENSSL_free(a); } |