km += MD5_DIGEST_LENGTH;
}
- OPENSSL_cleanse(smd, SHA_DIGEST_LENGTH);
+ OPENSSL_cleanse(smd, sizeof(smd));
EVP_MD_CTX_cleanup(&m5);
EVP_MD_CTX_cleanup(&s1);
return 1;
if (s->enc_read_ctx != NULL)
reuse_dd = 1;
else if ((s->enc_read_ctx =
- OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
+ OPENSSL_malloc(sizeof(*s->enc_read_ctx))) == NULL)
goto err;
else
/*
}
#ifndef OPENSSL_NO_COMP
/* COMPRESS */
- if (s->expand != NULL) {
- COMP_CTX_free(s->expand);
- s->expand = NULL;
- }
+ COMP_CTX_free(s->expand);
+ s->expand = NULL;
if (comp != NULL) {
s->expand = COMP_CTX_new(comp);
if (s->expand == NULL) {
if (s->enc_write_ctx != NULL)
reuse_dd = 1;
else if ((s->enc_write_ctx =
- OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)
+ OPENSSL_malloc(sizeof(*s->enc_write_ctx))) == NULL)
goto err;
else
/*
}
#ifndef OPENSSL_NO_COMP
/* COMPRESS */
- if (s->compress != NULL) {
- COMP_CTX_free(s->compress);
- s->compress = NULL;
- }
+ COMP_CTX_free(s->compress);
+ s->compress = NULL;
if (comp != NULL) {
s->compress = COMP_CTX_new(comp);
if (s->compress == NULL) {
}
#endif
- OPENSSL_cleanse(&(exp_key[0]), sizeof(exp_key));
- OPENSSL_cleanse(&(exp_iv[0]), sizeof(exp_iv));
+ OPENSSL_cleanse(exp_key, sizeof(exp_key));
+ OPENSSL_cleanse(exp_iv, sizeof(exp_iv));
EVP_MD_CTX_cleanup(&md);
return (1);
err:
SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE, ERR_R_MALLOC_FAILURE);
err2:
+ OPENSSL_cleanse(exp_key, sizeof(exp_key));
+ OPENSSL_cleanse(exp_iv, sizeof(exp_iv));
return (0);
}
void ssl3_cleanup_key_block(SSL *s)
{
- if (s->s3->tmp.key_block != NULL) {
- OPENSSL_cleanse(s->s3->tmp.key_block, s->s3->tmp.key_block_length);
- OPENSSL_free(s->s3->tmp.key_block);
- s->s3->tmp.key_block = NULL;
- }
+ OPENSSL_clear_free(s->s3->tmp.key_block, s->s3->tmp.key_block_length);
+ s->s3->tmp.key_block = NULL;
s->s3->tmp.key_block_length = 0;
}
/* Allocate handshake_dgst array */
ssl3_free_digest_list(s);
s->s3->handshake_dgst =
- OPENSSL_malloc(SSL_MAX_DIGEST * sizeof(EVP_MD_CTX *));
+ OPENSSL_malloc(sizeof(*s->s3->handshake_dgst) * SSL_MAX_DIGEST);
if (s->s3->handshake_dgst == NULL) {
SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, ERR_R_MALLOC_FAILURE);
return 0;
}
- memset(s->s3->handshake_dgst, 0, SSL_MAX_DIGEST * sizeof(EVP_MD_CTX *));
+ memset(s->s3->handshake_dgst, 0,
+ sizeof(*s->s3->handshake_dgst) * SSL_MAX_DIGEST);
hdatalen = BIO_get_mem_data(s->s3->handshake_buffer, &hdata);
if (hdatalen <= 0) {
SSLerr(SSL_F_SSL3_DIGEST_CACHED_RECORDS, SSL_R_BAD_HANDSHAKE_LENGTH);
s, s->msg_callback_arg);
}
#endif
- OPENSSL_cleanse(buf, sizeof buf);
+ OPENSSL_cleanse(buf, sizeof(buf));
return (ret);
}