diff options
author | Matt Caswell <matt@openssl.org> | 2016-06-24 23:37:27 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-06-30 15:53:44 +0100 |
commit | cb5ebf961333896776fbce10ef88c2af7bec8aea (patch) | |
tree | 018aec53d940f46fd051dd7c0a25dc64d9d2cf3d /crypto/evp/digest.c | |
parent | 6ad8c48291622a6ccc51489b9a230c9a05ca5614 (diff) |
Convert memset calls to OPENSSL_cleanse
Ensure things really do get cleared when we intend them to.
Addresses an OCAP Audit issue.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Diffstat (limited to 'crypto/evp/digest.c')
-rw-r--r-- | crypto/evp/digest.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index ee4296e467..4db179629d 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -285,7 +285,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) ctx->digest->cleanup(ctx); EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); } - memset(ctx->md_data, 0, ctx->digest->ctx_size); + OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size); return ret; } |