Replace memset with OPENSSL_clear_free()

BUF_MEM_free() attempts to cleanse memory using memset immediately prior to a free. This is at risk of being optimised away by the compiler, so replace with a call to OPENSSL_clear_free() instead. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by: N Stephen Henson <steve@openssl.org>

Replace memset with OPENSSL_clear_free()
BUF_MEM_free() attempts to cleanse memory using memset immediately prior to a free. This is at risk of being optimised away by the compiler, so replace with a call to OPENSSL_clear_free() instead. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by: N Stephen Henson <steve@openssl.org>
5d80fab0 · Matt Caswell · e36c5fc4 · 5d80fab0
隐藏空白更改
内联并排

Showing with 1 addition and 2 deletion

crypto/buffer/buffer.c crypto/buffer/buffer.c +1 -2

未找到文件。
--- a/crypto/buffer/buffer.c
+++ b/crypto/buffer/buffer.c
@@ -88,8 +88,7 @@ void BUF_MEM_free(BUF_MEM *a)
        return;

    if (a->data != NULL) {
-        memset(a->data, 0, (unsigned int)a->max);
-        OPENSSL_free(a->data);
+        OPENSSL_clear_free(a->data, a->max);
    }
    OPENSSL_free(a);
 }