void *CRYPTO_malloc_locked(int num, const char *file, int line)
{
void *ret = NULL;
+ extern unsigned char cleanse_ctr;
allow_customize = 0;
if (malloc_debug_func != NULL)
if (malloc_debug_func != NULL)
malloc_debug_func(ret, num, file, line, 1);
+ /* Create a dependency on the value of 'cleanse_ctr' so our memory
+ * sanitisation function can't be optimised out. NB: We only do
+ * this for >2Kb so the overhead doesn't bother us. */
+ if(ret && (num > 2048))
+ ((unsigned char *)ret)[0] = cleanse_ctr;
+
return ret;
}
void *CRYPTO_malloc(int num, const char *file, int line)
{
void *ret = NULL;
+ extern unsigned char cleanse_ctr;
allow_customize = 0;
if (malloc_debug_func != NULL)
if (malloc_debug_func != NULL)
malloc_debug_func(ret, num, file, line, 1);
+ /* Create a dependency on the value of 'cleanse_ctr' so our memory
+ * sanitisation function can't be optimised out. NB: We only do
+ * this for >2Kb so the overhead doesn't bother us. */
+ if(ret && (num > 2048))
+ ((unsigned char *)ret)[0] = cleanse_ctr;
+
return ret;
}
ret=malloc_ex_func(num,file,line);
if(ret)
memcpy(ret,str,old_len);
- memset(str,'\0',old_len);
+ OPENSSL_cleanse(str,old_len);
free_func(str);
#ifdef LEVITTE_DEBUG_MEM
fprintf(stderr, "LEVITTE_DEBUG_MEM: | 0x%p -> 0x%p (%d)\n", str, ret, num);
projects / openssl.git / blobdiff