X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=crypto%2Fmem.c;h=43d48ab425707d2d08c289e47f597fc32e9bb955;hb=37cf49a3df4b0094c5d335008705518e93b2dad2;hp=46a00697ce22147579763fa5b9bb55bb1cb9980b;hpb=df29cc8f77bcf09cdd245feeaea452f5f91e4125;p=openssl.git

diff --git a/crypto/mem.c b/crypto/mem.c
index 46a00697ce..43d48ab425 100644
--- a/crypto/mem.c
+++ b/crypto/mem.c
@@ -250,7 +250,8 @@ void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int),
 void *CRYPTO_malloc_locked(int num, const char *file, int line)
 	{
 	void *ret = NULL;
-	extern unsigned char cleanse_ctr;
+
+	if (num <= 0) return NULL;
 
 	allow_customize = 0;
 	if (malloc_debug_func != NULL)
@@ -265,11 +266,15 @@ void *CRYPTO_malloc_locked(int num, const char *file, int line)
 	if (malloc_debug_func != NULL)
 		malloc_debug_func(ret, num, file, line, 1);
 
+#ifndef OPENSSL_CPUID_OBJ
         /* Create a dependency on the value of 'cleanse_ctr' so our memory
          * sanitisation function can't be optimised out. NB: We only do
          * this for >2Kb so the overhead doesn't bother us. */
         if(ret && (num > 2048))
+	{	extern unsigned char cleanse_ctr;
 		((unsigned char *)ret)[0] = cleanse_ctr;
+	}
+#endif
 
 	return ret;
 	}
@@ -289,7 +294,8 @@ void CRYPTO_free_locked(void *str)
 void *CRYPTO_malloc(int num, const char *file, int line)
 	{
 	void *ret = NULL;
-	extern unsigned char cleanse_ctr;
+
+	if (num <= 0) return NULL;
 
 	allow_customize = 0;
 	if (malloc_debug_func != NULL)
@@ -304,11 +310,15 @@ void *CRYPTO_malloc(int num, const char *file, int line)
 	if (malloc_debug_func != NULL)
 		malloc_debug_func(ret, num, file, line, 1);
 
+#ifndef OPENSSL_CPUID_OBJ
         /* Create a dependency on the value of 'cleanse_ctr' so our memory
          * sanitisation function can't be optimised out. NB: We only do
          * this for >2Kb so the overhead doesn't bother us. */
         if(ret && (num > 2048))
+	{	extern unsigned char cleanse_ctr;
                 ((unsigned char *)ret)[0] = cleanse_ctr;
+	}
+#endif
 
 	return ret;
 	}
@@ -319,6 +329,9 @@ void *CRYPTO_realloc(void *str, int num, const char *file, int line)
 
 	if (str == NULL)
 		return CRYPTO_malloc(num, file, line);
+
+	if (num <= 0) return NULL;
+
 	if (realloc_debug_func != NULL)
 		realloc_debug_func(str, NULL, num, file, line, 0);
 	ret = realloc_ex_func(str,num,file,line);
@@ -338,15 +351,22 @@ void *CRYPTO_realloc_clean(void *str, int old_len, int num, const char *file,
 
 	if (str == NULL)
 		return CRYPTO_malloc(num, file, line);
+
+	if (num <= 0) return NULL;
+
 	if (realloc_debug_func != NULL)
 		realloc_debug_func(str, NULL, num, file, line, 0);
 	ret=malloc_ex_func(num,file,line);
 	if(ret)
+		{
 		memcpy(ret,str,old_len);
-	memset(str,'\0',old_len);
-	free_func(str);
+		OPENSSL_cleanse(str,old_len);
+		free_func(str);
+		}
 #ifdef LEVITTE_DEBUG_MEM
-	fprintf(stderr, "LEVITTE_DEBUG_MEM:         | 0x%p -> 0x%p (%d)\n", str, ret, num);
+	fprintf(stderr,
+		"LEVITTE_DEBUG_MEM:         | 0x%p -> 0x%p (%d)\n",
+		str, ret, num);
 #endif
 	if (realloc_debug_func != NULL)
 		realloc_debug_func(str, ret, num, file, line, 1);