提交 358d446f 编写于 作者: B Bernd Edlinger

Use OPENSSL_secure_clear_free in STORE file_load

Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4044)
上级 2ca8bbe5
...@@ -1037,10 +1037,10 @@ static OSSL_STORE_INFO *file_load_try_repeat(OSSL_STORE_LOADER_CTX *ctx, ...@@ -1037,10 +1037,10 @@ static OSSL_STORE_INFO *file_load_try_repeat(OSSL_STORE_LOADER_CTX *ctx,
return result; return result;
} }
static void pem_free_flag(void *pem_data, int secure) static void pem_free_flag(void *pem_data, int secure, size_t num)
{ {
if (secure) if (secure)
OPENSSL_secure_free(pem_data); OPENSSL_secure_clear_free(pem_data, num);
else else
OPENSSL_free(pem_data); OPENSSL_free(pem_data);
} }
...@@ -1243,9 +1243,9 @@ static OSSL_STORE_INFO *file_load(OSSL_STORE_LOADER_CTX *ctx, ...@@ -1243,9 +1243,9 @@ static OSSL_STORE_INFO *file_load(OSSL_STORE_LOADER_CTX *ctx,
ctx->errcnt++; ctx->errcnt++;
endloop: endloop:
pem_free_flag(pem_name, (ctx->flags & FILE_FLAG_SECMEM) != 0); pem_free_flag(pem_name, (ctx->flags & FILE_FLAG_SECMEM) != 0, 0);
pem_free_flag(pem_header, (ctx->flags & FILE_FLAG_SECMEM) != 0); pem_free_flag(pem_header, (ctx->flags & FILE_FLAG_SECMEM) != 0, 0);
pem_free_flag(data, (ctx->flags & FILE_FLAG_SECMEM) != 0); pem_free_flag(data, (ctx->flags & FILE_FLAG_SECMEM) != 0, len);
} while (matchcount == 0 && !file_eof(ctx) && !file_error(ctx)); } while (matchcount == 0 && !file_eof(ctx) && !file_error(ctx));
/* We bail out on ambiguity */ /* We bail out on ambiguity */
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册