projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
It seems like OpenUnix's ld uses LD_LIBRARY_PATH to search for
[openssl.git] / ssl / s2_lib.c
diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
index 0cbbb066fdd12c0bb44dd87867c57804a981f365..910b9fe097d457fb9fdd7b793bf76f76bd4c3aff 100644 (file)
--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -308,7 +308,7 @@ void ssl2_free(SSL *s)
        s2=s->s2;
        if (s2->rbuf != NULL) OPENSSL_free(s2->rbuf);
        if (s2->wbuf != NULL) OPENSSL_free(s2->wbuf);
-       memset(s2,0,sizeof *s2);
+       OPENSSL_cleanse(s2,sizeof *s2);
        OPENSSL_free(s2);
        s->s2=NULL;
        }
@@ -454,6 +454,9 @@ int ssl2_generate_key_material(SSL *s)
 
                EVP_DigestInit_ex(&ctx, md5, NULL);
 
+               OPENSSL_assert(s->session->master_key_length >= 0
+                   && s->session->master_key_length
+                   < sizeof s->session->master_key);
                EVP_DigestUpdate(&ctx,s->session->master_key,s->session->master_key_length);
                EVP_DigestUpdate(&ctx,&c,1);
                c++;
@@ -492,9 +495,7 @@ void ssl2_write_error(SSL *s)
 
        error=s->error; /* number of bytes left to write */
        s->error=0;
-       if (error < 0 || error > sizeof buf) /* can't happen */
-               return;
-  
+       OPENSSL_assert(error >= 0 && error <= sizeof buf);
        i=ssl2_write(s,&(buf[3-error]),error);
 
 /*     if (i == error) s->rwstate=state; */
Unnamed repository; edit this file 'description' to name the repository.