Yet another resource leak. Coverity ID 123.

[openssl.git] / crypto / pkcs12 / p12_key.c

diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
index 0d39ebde8c8ec67da8a47beb9bee9a805c5dfcd6..18e72d0a1b8188e06a76ffe24decd960603ef236 100644 (file)
--- a/crypto/pkcs12/p12_key.c
+++ b/crypto/pkcs12/p12_key.c
@@ -59,7 +59,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/pkcs12.h>
-
+#include <openssl/bn.h>
 
 /* Uncomment out this line to get debugging info about key generation */
 /*#define DEBUG_KEYGEN*/
@@ -91,7 +91,7 @@ int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt,
        ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen,
                                                 id, iter, n, out, md_type);
        if(unipass) {
-               memset(unipass, 0, uniplen);    /* Clear password from memory */
+               OPENSSL_cleanse(unipass, uniplen);      /* Clear password from memory */
                OPENSSL_free(unipass);
        }
        return ret;