projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Use OPENSSL_secure_clear_free in PEM_read_bio_PrivateKey and PEM_read_bio_ex
[openssl.git] / crypto / buffer / buffer.c
diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c
index 7caa2150924a3678676bc2e01c3b4b6a8a78cfc3..f3f8a1b55c83b264f2ce0ab0cabb35879c5db7c0 100644 (file)
--- a/crypto/buffer/buffer.c
+++ b/crypto/buffer/buffer.c
@@ -46,9 +46,8 @@ void BUF_MEM_free(BUF_MEM *a)
         return;
 
     if (a->data != NULL) {
-        memset(a->data, 0, (unsigned int)a->max);
         if (a->flags & BUF_MEM_FLAG_SECURE)
-            OPENSSL_secure_free(a->data);
+            OPENSSL_secure_clear_free(a->data, a->max);
         else
             OPENSSL_clear_free(a->data, a->max);
     }
@@ -63,9 +62,11 @@ static char *sec_alloc_realloc(BUF_MEM *str, size_t len)
 
     ret = OPENSSL_secure_malloc(len);
     if (str->data != NULL) {
-        if (ret != NULL)
+        if (ret != NULL) {
             memcpy(ret, str->data, str->length);
-        OPENSSL_secure_free(str->data);
+            OPENSSL_secure_clear_free(str->data, str->length);
+            str->data = NULL;
+        }
     }
     return (ret);
 }
Unnamed repository; edit this file 'description' to name the repository.