From 6c13488c4e75ef839bc07a3ce428289aef4bd267 Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Mon, 4 Apr 2016 16:55:12 +0200
Subject: Make sure the rand_byte buffer in padlock engine is cleansed.

Submitted by Michael McConville <mmcco@mykolab.com>

Reviewed-by: Rich Salz <rsalz@openssl.org>
---
 engines/e_padlock.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'engines/e_padlock.c')

diff --git a/engines/e_padlock.c b/engines/e_padlock.c
index 96e7483729..f474f50ca7 100644
--- a/engines/e_padlock.c
+++ b/engines/e_padlock.c
@@ -776,7 +776,7 @@ static int padlock_rand_bytes(unsigned char *output, int count)
         *output++ = (unsigned char)buf;
         count--;
     }
-    *(volatile unsigned int *)&buf = 0;
+    OPENSSL_cleanse(&buf, sizeof(buf));
 
     return 1;
 }
-- 
cgit v1.2.3