diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2015-07-28 16:13:29 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2015-07-30 14:55:34 +0100 |
commit | 3df16cc2e27f75eac2c0991248b0c294e2c847b5 (patch) | |
tree | 97e60a2d66fe22324772d1bc1250bbd82b797a11 /ssl | |
parent | a784665e52735f77a64d01216d7535834278c27c (diff) |
cleanse psk_identity on error
Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/s3_clnt.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index d5bcf54280..080dbf0f18 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -2391,8 +2391,10 @@ int ssl3_send_client_key_exchange(SSL *s) s->s3->tmp.psk = BUF_memdup(psk, psklen); OPENSSL_cleanse(psk, psklen); - if (s->s3->tmp.psk == NULL) + if (s->s3->tmp.psk == NULL) { + OPENSSL_cleanse(identity, sizeof(identity)); goto memerr; + } s->s3->tmp.psklen = psklen; @@ -2404,8 +2406,10 @@ int ssl3_send_client_key_exchange(SSL *s) } OPENSSL_free(s->session->psk_identity); s->session->psk_identity = BUF_strdup(identity); - if (s->session->psk_identity == NULL) + if (s->session->psk_identity == NULL) { + OPENSSL_cleanse(identity, sizeof(identity)); goto memerr; + } s2n(identitylen, p); memcpy(p, identity, identitylen); |