diff options
author | Matt Caswell <matt@openssl.org> | 2016-06-24 23:37:27 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-06-30 15:51:57 +0100 |
commit | 3ce2fdabe6e33952bf3011acf5b68107e6352603 (patch) | |
tree | 1db552127f77d0e0615ea2e3019183fd64b9e8dd /crypto/evp/digest.c | |
parent | 6f4ae777f5100715a96b45355a1195c2efa96b4e (diff) | |
download | openssl-3ce2fdabe6e33952bf3011acf5b68107e6352603.tar.gz |
Convert memset calls to OPENSSL_cleanse
Ensure things really do get cleared when we intend them to.
Addresses an OCAP Audit issue.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Diffstat (limited to 'crypto/evp/digest.c')
-rw-r--r-- | crypto/evp/digest.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index c594a0a638..65eff7c8c1 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -36,7 +36,7 @@ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) #ifndef OPENSSL_NO_ENGINE ENGINE_finish(ctx->engine); #endif - memset(ctx, 0, sizeof(*ctx)); + OPENSSL_cleanse(ctx, sizeof(*ctx)); return 1; } @@ -170,7 +170,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) ctx->digest->cleanup(ctx); EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED); } - memset(ctx->md_data, 0, ctx->digest->ctx_size); + OPENSSL_cleanse(ctx->md_data, ctx->digest->ctx_size); return ret; } |