Implement the CRYPTO_secure_clear_free function

Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4044)
author: Bernd Edlinger <bernd.edlinger@hotmail.de> 2017-07-28 21:24:02 +0200
committer: Bernd Edlinger <bernd.edlinger@hotmail.de> 2017-07-29 19:26:06 +0200
commit: 4dae7cd3f0f074e01b2fe73ffff0dfbf032fa566 (patch)
tree: 0acb65b271fc6dabdc115b2d4dfe2e8439ac769a /crypto/mem_sec.c
parent: 0443b1171da43696a2cd67cfcb0624be1e3ee25b (diff)
1 files changed, 27 insertions, 0 deletions
diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c
index 11e95c42b8..04aa94eae1 100644
--- a/crypto/mem_sec.c
+++ b/crypto/mem_sec.c
@@ -157,6 +157,33 @@ void CRYPTO_secure_free(void *ptr, const char *file, int line)
 #endif /* IMPLEMENTED */
 }
 
+void CRYPTO_secure_clear_free(void *ptr, size_t num,
+                              const char *file, int line)
+{
+#ifdef IMPLEMENTED
+    size_t actual_size;
+
+    if (ptr == NULL)
+        return;
+    if (!CRYPTO_secure_allocated(ptr)) {
+        OPENSSL_cleanse(ptr, num);
+        CRYPTO_free(ptr, file, line);
+        return;
+    }
+    CRYPTO_THREAD_write_lock(sec_malloc_lock);
+    actual_size = sh_actual_size(ptr);
+    CLEAR(ptr, actual_size);
+    secure_mem_used -= actual_size;
+    sh_free(ptr);
+    CRYPTO_THREAD_unlock(sec_malloc_lock);
+#else
+    if (ptr == NULL)
+        return;
+    OPENSSL_cleanse(ptr, num);
+    CRYPTO_free(ptr, file, line);
+#endif /* IMPLEMENTED */
+}
+
 int CRYPTO_secure_allocated(const void *ptr)
 {
 #ifdef IMPLEMENTED
author	Bernd Edlinger <bernd.edlinger@hotmail.de>	2017-07-28 21:24:02 +0200
committer	Bernd Edlinger <bernd.edlinger@hotmail.de>	2017-07-29 19:26:06 +0200
commit	4dae7cd3f0f074e01b2fe73ffff0dfbf032fa566 (patch)
tree	0acb65b271fc6dabdc115b2d4dfe2e8439ac769a /crypto/mem_sec.c
parent	0443b1171da43696a2cd67cfcb0624be1e3ee25b (diff)