提交 43d60164 编写于 作者: R Richard Levitte

A few more memset()s converted to OPENSSL_cleanse().

I *think* I got them all covered by now, bu please, if you find any more,
tell me and I'll correct it.
PR: 343
上级 55f78baf
......@@ -263,12 +263,12 @@ void BN_clear_free(BIGNUM *a)
if (a == NULL) return;
if (a->d != NULL)
{
memset(a->d,0,a->dmax*sizeof(a->d[0]));
OPENSSL_cleanse(a->d,a->dmax*sizeof(a->d[0]));
if (!(BN_get_flags(a,BN_FLG_STATIC_DATA)))
OPENSSL_free(a->d);
}
i=BN_get_flags(a,BN_FLG_MALLOCED);
memset(a,0,sizeof(BIGNUM));
OPENSSL_cleanse(a,sizeof(BIGNUM));
if (i)
OPENSSL_free(a);
}
......
......@@ -201,7 +201,7 @@ static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom)
err:
if (buf != NULL)
{
memset(buf,0,bytes);
OPENSSL_cleanse(buf,bytes);
OPENSSL_free(buf);
}
return(ret);
......
......@@ -454,9 +454,9 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
{
if(c->cipher->cleanup && !c->cipher->cleanup(c))
return 0;
/* Zero cipher context data */
/* Cleanse cipher context data */
if (c->cipher_data)
memset(c->cipher_data, 0, c->cipher->ctx_size);
OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size);
}
if (c->cipher_data)
OPENSSL_free(c->cipher_data);
......
......@@ -196,7 +196,7 @@ static void md2_block(MD2_CTX *c, const unsigned char *d)
t=(t+i)&0xff;
}
memcpy(sp1,state,16*sizeof(MD2_INT));
memset(state,0,48*sizeof(MD2_INT));
OPENSSL_cleanse(state,48*sizeof(MD2_INT));
}
int MD2_Final(unsigned char *md, MD2_CTX *c)
......
......@@ -88,6 +88,6 @@ unsigned char *MD2(const unsigned char *d, unsigned long n, unsigned char *md)
}
#endif
MD2_Final(md,&c);
memset(&c,0,sizeof(c)); /* Security consideration */
OPENSSL_cleanse(&c,sizeof(c)); /* Security consideration */
return(md);
}
......@@ -89,7 +89,7 @@ unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md)
}
#endif
MD4_Final(md,&c);
memset(&c,0,sizeof(c)); /* security consideration */
OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */
return(md);
}
......@@ -89,7 +89,7 @@ unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md)
}
#endif
MD5_Final(md,&c);
memset(&c,0,sizeof(c)); /* security consideration */
OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */
return(md);
}
......@@ -69,7 +69,7 @@ unsigned char *MDC2(const unsigned char *d, unsigned long n, unsigned char *md)
MDC2_Init(&c);
MDC2_Update(&c,d,n);
MDC2_Final(md,&c);
memset(&c,0,sizeof(c)); /* security consideration */
OPENSSL_cleanse(&c,sizeof(c)); /* security consideration */
return(md);
}
......@@ -343,7 +343,7 @@ int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x,
* NOT taken from the BytesToKey function */
EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
if (kstr == (unsigned char *)buf) memset(buf,0,PEM_BUFSIZE);
if (kstr == (unsigned char *)buf) OPENSSL_cleanse(buf,PEM_BUFSIZE);
OPENSSL_assert(strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf);
......
......@@ -1717,7 +1717,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
s->method->ssl3_enc->generate_master_secret(s,
s->session->master_key,
p,i);
memset(p,0,i);
OPENSSL_cleanse(p,i);
}
else
#endif
......@@ -1780,7 +1780,7 @@ static int ssl3_get_client_key_exchange(SSL *s)
s->session->master_key_length=
s->method->ssl3_enc->generate_master_secret(s,
s->session->master_key,p,i);
memset(p,0,i);
OPENSSL_cleanse(p,i);
}
else
#endif
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册