Convert memset calls to OPENSSL_cleanse

Ensure things really do get cleared when we intend them to. Addresses an OCAP Audit issue. Reviewed-by: Andy Polyakov <appro@openssl.org>
author: Matt Caswell <matt@openssl.org> 2016-06-24 23:37:27 +0100
committer: Matt Caswell <matt@openssl.org> 2016-06-30 15:51:57 +0100
commit: 3ce2fdabe6e33952bf3011acf5b68107e6352603 (patch)
tree: 1db552127f77d0e0615ea2e3019183fd64b9e8dd /crypto/mem.c
parent: 6f4ae777f5100715a96b45355a1195c2efa96b4e (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/mem.c b/crypto/mem.c
index 6be14ab54a..02aa43a7ef 100644
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -148,7 +148,7 @@ void *CRYPTO_clear_realloc(void *str, size_t old_len, size_t num,
 
     /* Can't shrink the buffer since memcpy below copies |old_len| bytes. */
     if (num < old_len) {
-        memset((char*)str + num, 0, old_len - num);
+        OPENSSL_cleanse((char*)str + num, old_len - num);
         return str;
     }
author	Matt Caswell <matt@openssl.org>	2016-06-24 23:37:27 +0100
committer	Matt Caswell <matt@openssl.org>	2016-06-30 15:51:57 +0100
commit	3ce2fdabe6e33952bf3011acf5b68107e6352603 (patch)
tree	1db552127f77d0e0615ea2e3019183fd64b9e8dd /crypto/mem.c
parent	6f4ae777f5100715a96b45355a1195c2efa96b4e (diff)